Secure Coding in C and C++ (2nd Edition) (SEI Series in Software Engineering)

Author: Robert C. Seacord
4.0
This Year Hacker News 2
This Month Hacker News 1

Comments

by hermitdev   2018-01-07
I've not read through the CERT C++ rules (yet), but I highly recommend reading "Secure Coding in C and C++" [0]. Expectedly, there's a good discussion on bounds checking. But, nearly half the book is dedicated to integer underflow/overflow (and signed/unsigned) issues (which most devs either ignore or are oblivious to). It's not a panacea, but if you're writing C/C++ without thinking about security and how things can go wrong, it can be a real eye opener.

[0] https://www.amazon.com/Secure-Coding-2nd-Software-Engineerin...