Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Secure Software Development

You're reading from   Secure Software Development Learn to analyze and mitigate risks in your software projects

Arrow left icon
Product type Paperback
Published in Mar 2024
Publisher Packt
ISBN-13 9781835462836
Length 262 pages
Edition 1st Edition
Arrow right icon
Author (1):
Arrow left icon
Aspen Olmsted Aspen Olmsted
Author Profile Icon Aspen Olmsted
Aspen Olmsted
Arrow right icon
View More author details
Toc

Table of Contents (20) Chapters Close

Preface 1. Part 1: Modeling a Secure Application FREE CHAPTER
2. Chapter 1: Security Principles 3. Chapter 2: Designing a Secure Functional Model 4. Chapter 3: Designing a Secure Object Model 5. Chapter 4: Designing a Secure Dynamic Model 6. Chapter 5: Designing a Secure System Model 7. Chapter 6: Threat Modeling 8. Part 2: Mitigating Risks in Implementation
9. Chapter 7: Authentication and Authorization 10. Chapter 8: Input Validation and Sanitization 11. Chapter 9: Standard Web Application Vulnerabilities 12. Chapter 10: Database Security 13. Part 3: Security Validation
14. Chapter 11: Unit Testing 15. Chapter 12: Regression Testing 16. Chapter 13: Integration, System, and Acceptance Testing 17. Chapter 14: Software Penetration Testing 18. Index 19. Other Books You May Enjoy

Buffer overflows

Buffer overflows are a common type of software vulnerability that occurs when a program writes more data to a buffer (temporary data storage area) than allocated for. This can lead to unpredictable behavior, crashes, and, in some cases, exploitation by attackers to execute malicious code. Defenses against buffer overflows are essential to enhance the security of software applications. Here are some key defenses:

  • Use safe string functions - Replace standard, non-bounds-checked string functions (for example, strcpy, sprintf) with their safer counterparts (for example, strncpy, snprintf) that allow specifying the maximum number of characters to copy.
  • Bounds checking - Perform explicit bounds checking before copying data into buffers. Ensure that the input data length does not exceed the allocated buffer size.
  • Memory-safe languages - Choose programming languages that provide memory safety, such as Rust, or languages with memory management mechanisms such...
lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image