Secure Programming Cookbook for C and C++: Recipes for Cryptography, Authentication, Input Validation & More (Paperback)

John Viega, Matt Messier

  • 出版商: O'Reilly
  • 出版日期: 2003-08-19
  • 定價: $2,625
  • 售價: 9.5$2,494
  • 貴賓價: 9.0$2,363
  • 語言: 英文
  • 頁數: 792
  • 裝訂: Paperback
  • ISBN: 0596003943
  • ISBN-13: 9780596003944
  • 相關分類: C 程式語言C++ 程式語言資訊安全
  • 立即出貨 (庫存=1)



Password sniffing, spoofing, buffer overflows, and denial of service: these are only a few of the attacks on today's computer systems and networks. At the root of this epidemic is poorly written, poorly tested, and insecure code that puts everyone at risk. Clearly, today's developers need help figuring out how to write code that attackers won't be able to exploit. But writing such code is surprisingly difficult.

Secure Programming Cookbook for C and C++ is an important new resource for developers serious about writing secure code. It contains a wealth of solutions to problems faced by those who care about the security of their applications. It covers a wide range of topics, including safe initialization, access control, input validation, symmetric and public key cryptography, cryptographic hashes and MACs, authentication and key exchange, PKI, random numbers, and anti-tampering. The rich set of code samples provided in the book's more than 200 recipes will help programmers secure the C and C++ programs they write for both Unix® (including Linux®) and Windows® environments. Readers will learn:

  • How to avoid common programming errors, such as buffer overflows, race conditions, and format string problems
  • How to properly SSL-enable applications
  • How to create secure channels for client-server communication without SSL
  • How to integrate Public Key Infrastructure (PKI) into applications
  • Best practices for using cryptography properly
  • Techniques and strategies for properly validating input to programs
  • How to launch programs securely
  • How to use file access mechanisms properly
  • Techniques for protecting applications from reverse engineering
The book's web site supplements the book by providing a place to post new recipes, including those written in additional languages like Perl, Java, and Python. Monthly prizes will reward the best recipes submitted by readers.

Secure Programming Cookbook for C and C++ is destined to become an essential part of any developer's library, a code companion developers will turn to again and again as they seek to protect their systems from attackers and reduce the risks they face in today's dangerous world.




- 如何避免常見的編程錯誤,如緩衝區溢位、競態條件和格式字符串問題
- 如何正確啟用應用程序的SSL功能
- 如何在沒有SSL的情況下創建客戶端-服務器通信的安全通道
- 如何將公鑰基礎設施(PKI)集成到應用程序中
- 正確使用加密的最佳實踐
- 正確驗證程序輸入的技術和策略
- 如何安全地啟動程序
- 如何正確使用文件訪問機制
- 保護應用程序免受逆向工程的技術