Professional Documents
Culture Documents
Information Security Transformation-Nahil Mahmood-Lecture 99
Information Security Transformation-Nahil Mahmood-Lecture 99
Information Security Transformation-Nahil Mahmood-Lecture 99
• Carnegie Mellon
Software Engineering
Institute
• https://
wiki.sei.cmu.edu/conflue
nce/display/seccode/SEI
+CERT+Coding+Standar
ds
• https://
wiki.sei.cmu.edu/conflue
nce/display/c/SEI+CERT+
C+Coding+Standard
1
CASE STUDY – C APPLICATIONS SECURITY HARDENING
https://
wiki.sei.cmu.edu/confluence/display/seccode/SEI+CERT
+Coding+Standards
2
CASE STUDY – C APPLICATIONS SECURITY HARDENING
3
CASE STUDY – C APPLICATIONS SECURITY HARDENING
• Avoid casting
away const qualification
because doing so makes
it possible to modify
const-qualified objects
without issuing
diagnostics.
4
CASE STUDY – C APPLICATIONS SECURITY HARDENING
5
CASE STUDY – C APPLICATIONS SECURITY HARDENING
6
CASE STUDY – C APPLICATIONS SECURITY HARDENING
7
CASE STUDY – C APPLICATIONS SECURITY HARDENING
8
CASE STUDY – C APPLICATIONS SECURITY HARDENING
END