What do you think?
Rate this book
The CERT C Coding Standard, 2nd Edition
“At Cisco, we have adopted the CERT C Coding Standard as the internal secure coding standard for all C developers. It is a core component of our secure development lifecycle. The coding standard described in this book breaks down complex software security topics into easy-to-follow rules with excellent real-world examples. It is an essential reference for any developer who wishes to write secure and resilient software in C and C++.�
—Edward D. Paradise, vice president, engineering, threat response, intelligence, and development, Cisco Systems
Secure programming in C can be more difficult than even many experienced programmers realize. To help programmers write more secure code, The CERT® C Coding Standard, Second Edition, fully documents the second official release of the CERT standard for secure coding in C. The rules laid forth in this new edition will help ensure that programmers� code fully complies with the new C11 standard; it also addresses earlier versions, including C99.
The new standard itemizes those coding errors that are the root causes of current software vulnerabilities in C, prioritizing them by severity, likelihood of exploitation, and remediation costs. Each of the text’s 98 guidelines includes examples of insecure code as well as secure, C11-conforming, alternative implementations. If uniformly applied, these guidelines will eliminate critical coding errors that lead to buffer overflows, format-string vulnerabilities, integer overflow, and other common vulnerabilities. This book reflects numerous experts� contributions to the open development and review of the rules and recommendations that comprise this standard. Coverage includes
—Edward D. Paradise, vice president, engineering, threat response, intelligence, and development, Cisco Systems
Secure programming in C can be more difficult than even many experienced programmers realize. To help programmers write more secure code, The CERT® C Coding Standard, Second Edition, fully documents the second official release of the CERT standard for secure coding in C. The rules laid forth in this new edition will help ensure that programmers� code fully complies with the new C11 standard; it also addresses earlier versions, including C99.
The new standard itemizes those coding errors that are the root causes of current software vulnerabilities in C, prioritizing them by severity, likelihood of exploitation, and remediation costs. Each of the text’s 98 guidelines includes examples of insecure code as well as secure, C11-conforming, alternative implementations. If uniformly applied, these guidelines will eliminate critical coding errors that lead to buffer overflows, format-string vulnerabilities, integer overflow, and other common vulnerabilities. This book reflects numerous experts� contributions to the open development and review of the rules and recommendations that comprise this standard. Coverage includes
- GenresProgrammingComputers
560 pages, Paperback
First published April 17, 2014
8 people are currently reading
51 people want to read
About the author
Robert C. Seacord
11Ìýbooks9ÌýfollowersRobert C. Seacord is an American computer security specialist and writer. He is the author of books on computer security, legacy system modernization, and component-based software engineering.
Ratings & Reviews
Friends & Following
Create a free account to discover what your friends think of this book!
Community Reviews
Displaying 1 of 1 review
October 28, 2016
Must read for any C developer, tradition of good FAQ in a paperbound version.
Of course it's way easier to just go to the and make it a daily routine to digest these rules day by day.
Of course it's way easier to just go to the and make it a daily routine to digest these rules day by day.
Displaying 1 of 1 review
Can't find what you're looking for?
Get help and learn more about the design.