Secure Coding in C and C++ (SEI Series in Software Engineering (Paperback)) Paperback – 2 Apr 2013
About the Author
Robert C. Seacord is currently the Secure Coding Technical Manager in the CERT Program of Carnegie Mellon’s Software Engineering Institute (SEI). He is the author or coauthor of five books, including The CERT® C Secure Coding Standard (Addison-Wesley, 2009), and is the author and instructor of a video training series, Professional C Programming LiveLessons, Part I: Writing Robust, Secure, Reliable Code (Addison-Wesley, 2013).
Top customer reviews
There are good detailed examples and good explanations of the reasoning behind the problems of particular functionalities. Almost all issues also have descriptions of how to avoid the particular exploits.
Overall, this is a good book on the technical aspects of writing code that does not contain the majority of known vulnerabilities inherent in C and C++. Many of the rules can also be detected using static analysis tools, and should be!
Most helpful customer reviews on Amazon.com
The author includes suggestions and examples of how to avoid programming these types of vulnerabilities into your software projects.
In today's age, more often than not, fixing "bugs" in programs is based on the business model of a Return-On-Investment (ROI). As a result, coding vulnerabilities are often left in place to avoid the expense and time required to track issues, re-code, and test the software.
Unfortunately, after reading this text, I realize that the problems didn't start with the business model, but with how programmers are trained. Beginning students of programming are not made aware of the concerns presented in this text, and how to correct for them until much later, IF at all, in their training.
As a result, students will form bad habits in their coding paradigm that this text addresses.
This text or similar needs to be a mandate for beginning programmers. I, certainly, wish that my professors and mentors had brought the topics contained in this book to my attention as a beginning student in the field.
This text has a permanent place in my library.
That said, I think while its initial impact is significant, its value drops significantly after the first read, as its lessons are more philosophical than a reference. Unless you're loaning it out to punk kids you work with who need to stop recklessly managing memory. If you or someone you know thinks C is anything but a cold harsh mistress with no more attachment to you than your goldfish, this book is probably for you.
An intermediate knowledge of a C language is necessary, although I'd say memory of irresponsible design decisions helps reinforce the material better.