Secure Coding in C and C++, 2/e (Paperback)
暫譯: C與C++安全編程(第二版)
Robert C. Seacord
- 出版商: Addison Wesley
- 出版日期: 2013-04-11
- 售價: $2,370
- 貴賓價: 9.5 折 $2,252
- 語言: 英文
- 頁數: 608
- 裝訂: Paperback
- ISBN: 0321822137
- ISBN-13: 9780321822130
-
相關分類:
C 程式語言、C++ 程式語言
-
相關翻譯:
萬無一失的程式碼-終結 C & C ++ 軟體漏洞 (Secure Coding in C and C++, 2/e) (繁中版)
已絕版
買這商品的人也買了...
-
深入淺出設計模式 (Head First Design Patterns)$880$695 -
系統程式 (System Software: An Introduction to Systems Programming, 3/e)(2014年更新版)$680$666 -
大話設計模式$620$490 -
JavaScript & jQuery: The Missing Manual 國際中文版, 2/e
$580$458 -
![ASP.NET 4.5 專題實務 [I]-C# 入門實戰篇-cover](https://cf-assets1.tenlong.com.tw/images/71291/medium/9789572240601_bc.jpg)
ASP.NET 4.5 專題實務 [I]-C# 入門實戰篇$780$616 -
ASP.NET MVC 4 開發實戰$680$537 -
手機應用程式設計超簡單-APP Inventor 初學特訓班-入門、應用到上架全攻略$420$332 -
版本控制使用 Git, 2/e (Version Control with Git: Powerful tools and techniques for collaborative software development, 2/e)$580$458 -
ASP.NET MVC 4 網站開發美學$680$537 -
無瑕的程式碼-敏捷軟體開發技巧守則 (Clean Code: A Handbook of Agile Software Craftsmanship)$580$452 -
超圖解 Arduino 互動設計入門 (附 Arduino UNO R3 開發板)$1,130$961 -
24 小時不打烊的雲端服務:專家教你用 Windows Server 2012 Hyper-V 3.0 實戰虛擬化技術$880$686 -
Arduino UNO R3 開發板(副廠相容版)附傳輸線$400$380 -
易讀程式之美學-提升程式碼可讀性的簡單法則 (The Art of Readable Code)$480$379 -
眼球運動視力鍛鍊-只要每天 5 分鐘,不可思議的眼肌鍛鍊法$349$297 -
![ASP.NET 4.5 專題實務 [II]-範例應用與 4.5 新功能【VB/C# 雙語法】-cover](https://cf-assets1.tenlong.com.tw/images/77361/medium/9789572241721_bc.jpg)
ASP.NET 4.5 專題實務 [II]-範例應用與 4.5 新功能【VB/C# 雙語法】$820$648 -
實戰 Exchange Server 2013 企業現場-安裝管理 x 資安防護 x 企業控管$520$411 -
超圖解 Arduino 互動設計入門, 2/e$680$578 -
The CERT C Coding Standard: 98 Rules for Developing Safe, Reliable, and Secure Systems, 2/e (Paperback)$1,800$1,764 -
US-100 超音波距離感測器帶溫度補償$150$143 -
改變世界的九大演算法 : 讓今日電腦無所不能的最強概念 (Nine Algorithms That Changed the Future: The Ingenious Ideas That Drive Today’s Computers)$360$284 -
精實開發與看板方法$550$435 -
四軸飛行器自造手冊$299$236 -
System Software: An Introduction to Systems Programming, 3/e <導讀本>$980$960 -
核心開發者親授!PyTorch 深度學習攻略 (Deep Learning with Pytorch)$1,000$790
相關主題
商品描述
Learn the Root Causes of Software Vulnerabilities and How to Avoid Them
Commonly exploited software vulnerabilities are usually caused by avoidable software defects. Having analyzed tens of thousands of vulnerability reports since 1988, CERT has determined that a relatively small number of root causes account for most of the vulnerabilities.
Secure Coding in C and C++, Second Edition, identifies and explains these root causes and shows the steps that can be taken to prevent exploitation. Moreover, this book encourages programmers to adopt security best practices and to develop a security mindset that can help protect software from tomorrow’s attacks, not just today’s. Drawing on the CERT’s reports and conclusions, Robert C. Seacord systematically identifies the program errors most likely to lead to security breaches, shows how they can be exploited, reviews the potential consequences, and presents secure alternatives.
Coverage includes technical detail on how to
- Improve the overall security of any C or C++ application
- Thwart buffer overflows, stack-smashing, and return-oriented programming attacks that exploit insecure string manipulation logic
- Avoid vulnerabilities and security flaws resulting from the incorrect use of dynamic memory management functions
- Eliminate integer-related problems resulting from signed integer overflows, unsigned integer wrapping, and truncation errors
- Perform secure I/O, avoiding file system vulnerabilities
- Correctly use formatted output functions without introducing format-string vulnerabilities
- Avoid race conditions and other exploitable vulnerabilities while developing concurrent code
The second edition features
- Updates for C11 and C++11
- Significant revisions to chapters on strings, dynamic memory management, and integer security
- A new chapter on concurrency
- Access to the online secure coding course offered through Carnegie Mellon’s Open Learning Initiative (OLI)
Secure Coding in C and C++, Second Edition, presents hundreds of examples of secure code, insecure code, and exploits, implemented for Windows and Linux. If you’re responsible for creating secure C or C++ software–or for keeping it safe–no other book offers you this much detailed, expert assistance.
商品描述(中文翻譯)
了解軟體漏洞的根本原因及如何避免它們
常見的軟體漏洞通常是由可避免的軟體缺陷所引起。自1988年以來,CERT分析了數萬份漏洞報告,發現相對少數的根本原因佔據了大多數的漏洞。
安全編碼:C與C++(第二版)識別並解釋這些根本原因,並展示可以採取的預防措施。此外,本書鼓勵程式設計師採用安全最佳實踐,並培養一種安全思維,以幫助保護軟體免受未來攻擊,而不僅僅是今天的攻擊。根據CERT的報告和結論,Robert C. Seacord系統性地識別出最可能導致安全漏洞的程式錯誤,展示它們如何被利用,回顧潛在後果,並提出安全的替代方案。
內容涵蓋技術細節,包括如何
- 改善任何C或C++應用程式的整體安全性
- 阻止緩衝區溢出、堆疊破壞和利用不安全字串操作邏輯的返回導向程式攻擊
- 避免因不正確使用動態記憶體管理函數而導致的漏洞和安全缺陷
- 消除因有符號整數溢出、無符號整數包裝和截斷錯誤而引起的整數相關問題
- 執行安全的I/O,避免檔案系統漏洞
- 正確使用格式化輸出函數而不引入格式字串漏洞
- 在開發並行程式碼時避免競爭條件和其他可利用的漏洞
第二版的特色包括
- 針對C11和C++11的更新
- 對字串、動態記憶體管理和整數安全章節的重大修訂
- 新增的並行性章節
- 通過卡內基梅隆大學的開放學習計畫(OLI)提供的在線安全編碼課程的訪問權限
安全編碼:C與C++(第二版)提供了數百個安全程式碼、不安全程式碼和漏洞的範例,實現於Windows和Linux。如果您負責創建安全的C或C++軟體,或負責保持其安全,沒有其他書籍能提供如此詳細的專家協助。
