Chapter 1 Running with Scissors
2.2 Common String Manipulation Errors
Improperly Bounded String Copies
String Errors without Functions
2.3 String Vulnerabilities and Exploits
2.4 Mitigation Strategies for Strings
C11 Annex K Bounds-Checking Interfaces
Invalidating String Object References
Other Common Mistakes in basic_string Usage
C11 Annex K Bounds-Checking Interfaces: gets_s()
2.6 Runtime Protection Strategies
Visual Studio Compiler-Generated Runtime Checks
Stack-Smashing Protector (ProPolice)
3.4 Modifying the Instruction Pointer
3.8 The atexit() and on_exit() Functions
System Default Exception Handling
Encoding and Decoding Function Pointers
Chapter 4 Dynamic Memory Management
C Standard Memory Management Functions
alloca() and Variable-Length Arrays
4.2 Common C Memory Management Errors
Failing to Check Return Values
Dereferencing Null or Invalid Pointers
4.3 C++ Dynamic Memory Management
4.4 Common C++ Memory Management Errors
Failing to Correctly Check for Allocation Failure
Improperly Paired Memory Management Functions
Deallocation Function Throws an Exception
4.6 Doug Lea’s Memory Allocator
4.7 Double-Free Vulnerabilities
Consistent Memory Management Conventions
CVS Buffer Overflow Vulnerability
Microsoft Data Access Components (MDAC)
Vulnerabilities in MIT Kerberos 5
5.1 Introduction to Integer Security
Conversions from Unsigned Integer Types
Conversions from Signed Integer Types
Conversion and Truncation Errors
Nonexceptional Integer Logic Errors
Arbitrary-Precision Arithmetic
Precondition and Postcondition Testing
Compiler-Generated Runtime Checks
Verifiably In-Range Operations
As-If Infinitely Ranged Integer Model
6.2 Formatted Output Functions
6.3 Exploiting Formatted Output Functions
Wide-Character Format String Vulnerabilities
Writing Addresses in Two Words
Exclude User Input from Format Strings
C11 Annex K Bounds-Checking Interfaces
Modifying the Variadic Function Implementation
Washington University FTP Daemon
Thread Role Analysis (Research)
DoS Attacks in Multicore Dynamic Random-Access Memory (DRAM) Systems
Concurrency Vulnerabilities in System Call Wrappers
Time of Check, Time of Use (TOCTOU)
Controlling Access to the Race Object
Chapter 9 Recommended Practices
9.1 The Security Development Lifecycle
Security Quality Requirements Engineering
Secure Software Development Principles
Vulnerabilities in Existing Code
As-If Infinitely Ranged (AIR) Integer Model
Source Code Analysis Laboratory (SCALe)