Book: Secure Coding in C and C++
The first time I read this book was in 2006. Since I recently had to reference it somewhere, I decided to write a quick review, having read it at least three times since 2006. Here we are…
Title: Secure Coding in C and C++
Author: Robert C. Seacord
Chapter 1: Running with Scissors
Obviously this is the introduction chapter. Here the author discusses the various terms used in this book as well as some general security principles.
Chapter 2: Strings
Starting from basic concepts such as string characteristics in C and C++ and working up to more advanced issues like string vulnerabilities, the author moves to exploitation at a theoretical level by identifying some well-known techniques. He then moves to prevention and detection and ends the chapter with some real-world case studies, including known vulnerabilities in Kerberos, Metamail, etc.
Chapter 3: Pointer Subterfuge
This is a small but pretty neat chapter, since it deals with pointer issues. All the essentials of both C pointers and C++ virtual pointers are explained, followed by the most common vulnerabilities. You can also find information on the use of atexit(), _exit(), .dtors, .got, etc. in exploitation, as well as mitigation strategies such as W^X, canaries, etc.
Chapter 4: Dynamic Memory Management
Here, after discussing the basics of memory management and dynamic memory management, the author moves to security subjects like vulnerabilities in specific implementations such as Doug Lea’s memory allocator, RtlHeap, etc. He then presents the known mitigation strategies used in the various operating systems, both commercial and free, and ends with some case studies like the CVS buffer overflow, Microsoft Data Access Components, etc.
Chapter 5: Integer Security
As you might have guessed, apart from the expected integer types, conversions, promotions, etc., it deals with integer overflows, truncations, signedness issues, etc. As in the previous chapters, the next section covers mitigation strategies, and the last one covers some notable vulnerabilities, including the Windows DirectX MIDI library and BASH.
Chapter 6: Formatted Output
Clearly the format is the same. First you learn about the fundamentals like ANSI C standard arguments, format strings, etc. in both GCC and Visual C++ .NET, and then move on to vulnerabilities and their exploitation process. After the many mitigation strategies that have been developed through the years, it concludes with some neat vulnerabilities like the Washington University FTP Daemon and CDE ToolTalk.
Chapter 7: File I/O
All of the essential knowledge about file I/O security flaws and vulnerabilities can be found here. Everything from the usual TOCTOU issues to mutual exclusion, temporary files and file locking, as well as mitigation strategies, is discussed in this chapter.
Chapter 8: Recommended Practices
This is the final chapter and it deals with the countless security models, technologies and strategies that could be employed by a developer to secure his software. It’s a nice write-up and it includes almost all of the technologies that have been developed for such purposes.
In my opinion it’s an excellent book for academic environments, for introducing students to the basic concepts of secure programming, mainly in C, although it contains some information on C++ security issues. After all, we shouldn’t forget that this book is used by Carnegie Mellon University as one of the textbooks in the SEI training class. However, don’t expect to find any information on the latest topics, since most of the content is about “classic” stuff that in some cases does not even apply to today’s systems.