Saturday, May 2, 2015

2015-020 - Deadly Programming Sins - Buffer Underruns


Code Audits are a necessary evil. Many organizations resort to using automated tools, but tools may not find all issues with code. Sometimes, you need to take a look at the code yourself. Since I'm not well-versed at this, and Mr. Boettcher has a CS degree, we

Mr. Boettcher and I begin going through the book "24 Deadly Sins of Software Security: Programming Flaws and How to Fix Them" What we covered this week is "buffer overruns", we discuss what they are, and how they occur.

Get ready for a crash course in code audits. The book is not required, but it definitely helps when we are discussing concepts.

We also mentioned our new Patreon account, so if you are a listener, and want to support what we do, you can give on a per month schedule. Donations are entirely optional, and if you don't wish to give, that's fine too.

 

24 Deadly Sins on Amazon:

http://www.amazon.com/Deadly-Sins-Software-Security-Programming/dp/0071626751/ref=sr_1_1?ie=UTF8&qid=1430622916&sr=8-1&keywords=24+deadly+sins+of+software+security+programming+flaws+and+how+to+fix+them

 

https://cwe.mitre.org/

 

 


Here is a new episode of Brakeing Down Security!

No comments: