Secure Coding in C and C++
by Robert C. Seacord
Addison-Wesley Professional 2005.
ISBN 0321335724. Paperback, 368 pages.
Reviewed by Sven Dietrich 11/14/05
Secure Coding in C and C++ http://www.awprofessional.com/title/0321335724 provides practical advice on secure practices in C and C++ programming. Producing secure programs requires secure designs. However, even the best designs can lead to insecure programs if developers are unaware of the many security pitfalls inherent in C and C++ programming. This book provides a detailed explanation of common programming errors in C and C++ and describes how these errors can lead to code that is vulnerable to exploitation.
The book concentrates on security issues intrinsic to the C and C++ programming languages and associated libraries. It does not emphasize security issues involving interactions with external systems such as databases and web servers, as these are rich topics on their own. The intent is that this book be useful to anyone involved in developing secure C and C++ programs regardless of the specific application.