Workshop Preview: Secure Coding in C and C++ - Robert C. Seacord - ACCU 2025
https://www.accuconference.org/
https://accu.org
Kevin Carpenter from@cppeventsdiscusses with Robert C. Seacord Robert's upcoming workshop for the ACCU 2025 conference, titled 'Secure Coding in C and C++'
Join Kevin and Robert for a preview of this much anticipated workshop for ACCU 2025!
View More Information: https://accuconference.org/2025/session/secure-coding-in-c-and-cpp
Secure Coding in C and C++
Scheduled for 09:00-18:00, Monday, 31st March 2025
---
Secure Coding in C and C++ is a full day training course that provides a detailed explanation of common programming errors in C and C++ and describes how these errors can lead to vulnerable software.
Outline
This course concentrates on security issues intrinsic to the C and C++ programming languages and associated libraries.
This course covers specific remediation techniques for each category of security flaws as well as general secure coding practices that help prevent the introduction of vulnerabilities.
Material in this presentation was derived from the Addison-Wesley books Secure Coding in C and C++ and The CERT C Secure Coding Standard.
Agenda
Integer Types Integer Data Types
- Unsigned integer types
- Wraparound
- Signed integer types
- Signed integer ranges
- Overflow -Character types
- Other integer types
Integer Conversions
- Integer conversion rank
- Integer promotions
- Usual arithmetic conversions
- Conversions to unsigned integer types
- Conversions to signed integer types
- Conversion implications
Integer Operations
- Addition
- Multiplication
- Division/remainder
- Right shift
Exercise: Reviewing Code for Integer Defects
Integer Vulnerabilities
- Wrap around
- Conversion error
- Truncation
- Non-exceptional
Mitigation Strategies
- Integer type selection
- Safe integer operations
- Compiler Strategies
- Testing and reviews
Dangerous Optimizations & Dynamic Memory
- Compiler Optimizations
- Constant Folding
- Adding a Pointer and an Integer
Summary
---
About The ACCU Conference:
The ACCU Conference is the annual conference of the ACCU membership, but is open to any and all who wish to attend. The tagline for the ACCU is "Professionalism in Programming", which captures the whole spectrum of programming languages, tools, techniques and processes involved in advancing our craft. While there remains a core of C and C++ - with many members participating in respective ISO standards bodies - the conference, like the organisation, embraces other language ecosystems and you should expect to see sessions on C#, D, F#, Go, Javascript, Haskell, Java, Kotlin, Lisp, Python, Ruby, Rust, Swift and more. There are always sessions on TDD, BDD, and how to do programming correctly.
The ACCU Conference is a conference by programmers for programmers about programming.
ACCU Membership: https://tinyurl.com/ydnfkcyn
2025 Program - https://accuconference.org/2025/schedule
https://accu.org
https://www.accuconference.org/
https://mastodon.social/@ACCUConf
https://www.linkedin.com/showcase/accu-conference/
https://bsky.app/profile/accuconf.bsky.social
https://www.facebook.com/accuorg
---
Robert C. Seacord
Robert C. Seacord is standardization lead at Woven by Toyota, where he helps standardize software development practices. Robert is an expert on ISO/IEC JTC1/SC22/WG14, the international standardization working group for the C programming language. He is the author of seven books, including Effective C (No Starch, 2020), The CERT C Coding Standard, Second Edition (Addison-Wesley, 2014), Secure Coding in C and C++, Second Edition (Addison-Wesley, 2013), and Java Coding Guidelines: 75 Recommendations for Reliable and Secure Programs (Addison-Wesley, 2014). He has also published more than 50 papers on software security, component-based software engineering, web-based system design, legacy-system modernization, component repositories and search engines, and user interface design and development.
Hosted by Kevin Carpenter:@cppevents
---
YouTube Videos Filmed, Edited & Optimised by Digital Medium: https://events.digital-medium.co.uk
#accuconf #programming #coding #cpp #cppprogramminglanguage #cprogramming #cplusplusprogramming #cppprogramming #coding #softwareengineering #cplusplus #softwaredevelopment #code #software
Видео Workshop Preview: Secure Coding in C and C++ - Robert C. Seacord - ACCU 2025 канала ACCU Conference
https://accu.org
Kevin Carpenter from@cppeventsdiscusses with Robert C. Seacord Robert's upcoming workshop for the ACCU 2025 conference, titled 'Secure Coding in C and C++'
Join Kevin and Robert for a preview of this much anticipated workshop for ACCU 2025!
View More Information: https://accuconference.org/2025/session/secure-coding-in-c-and-cpp
Secure Coding in C and C++
Scheduled for 09:00-18:00, Monday, 31st March 2025
---
Secure Coding in C and C++ is a full day training course that provides a detailed explanation of common programming errors in C and C++ and describes how these errors can lead to vulnerable software.
Outline
This course concentrates on security issues intrinsic to the C and C++ programming languages and associated libraries.
This course covers specific remediation techniques for each category of security flaws as well as general secure coding practices that help prevent the introduction of vulnerabilities.
Material in this presentation was derived from the Addison-Wesley books Secure Coding in C and C++ and The CERT C Secure Coding Standard.
Agenda
Integer Types Integer Data Types
- Unsigned integer types
- Wraparound
- Signed integer types
- Signed integer ranges
- Overflow -Character types
- Other integer types
Integer Conversions
- Integer conversion rank
- Integer promotions
- Usual arithmetic conversions
- Conversions to unsigned integer types
- Conversions to signed integer types
- Conversion implications
Integer Operations
- Addition
- Multiplication
- Division/remainder
- Right shift
Exercise: Reviewing Code for Integer Defects
Integer Vulnerabilities
- Wrap around
- Conversion error
- Truncation
- Non-exceptional
Mitigation Strategies
- Integer type selection
- Safe integer operations
- Compiler Strategies
- Testing and reviews
Dangerous Optimizations & Dynamic Memory
- Compiler Optimizations
- Constant Folding
- Adding a Pointer and an Integer
Summary
---
About The ACCU Conference:
The ACCU Conference is the annual conference of the ACCU membership, but is open to any and all who wish to attend. The tagline for the ACCU is "Professionalism in Programming", which captures the whole spectrum of programming languages, tools, techniques and processes involved in advancing our craft. While there remains a core of C and C++ - with many members participating in respective ISO standards bodies - the conference, like the organisation, embraces other language ecosystems and you should expect to see sessions on C#, D, F#, Go, Javascript, Haskell, Java, Kotlin, Lisp, Python, Ruby, Rust, Swift and more. There are always sessions on TDD, BDD, and how to do programming correctly.
The ACCU Conference is a conference by programmers for programmers about programming.
ACCU Membership: https://tinyurl.com/ydnfkcyn
2025 Program - https://accuconference.org/2025/schedule
https://accu.org
https://www.accuconference.org/
https://mastodon.social/@ACCUConf
https://www.linkedin.com/showcase/accu-conference/
https://bsky.app/profile/accuconf.bsky.social
https://www.facebook.com/accuorg
---
Robert C. Seacord
Robert C. Seacord is standardization lead at Woven by Toyota, where he helps standardize software development practices. Robert is an expert on ISO/IEC JTC1/SC22/WG14, the international standardization working group for the C programming language. He is the author of seven books, including Effective C (No Starch, 2020), The CERT C Coding Standard, Second Edition (Addison-Wesley, 2014), Secure Coding in C and C++, Second Edition (Addison-Wesley, 2013), and Java Coding Guidelines: 75 Recommendations for Reliable and Secure Programs (Addison-Wesley, 2014). He has also published more than 50 papers on software security, component-based software engineering, web-based system design, legacy-system modernization, component repositories and search engines, and user interface design and development.
Hosted by Kevin Carpenter:@cppevents
---
YouTube Videos Filmed, Edited & Optimised by Digital Medium: https://events.digital-medium.co.uk
#accuconf #programming #coding #cpp #cppprogramminglanguage #cprogramming #cplusplusprogramming #cppprogramming #coding #softwareengineering #cplusplus #softwaredevelopment #code #software
Видео Workshop Preview: Secure Coding in C and C++ - Robert C. Seacord - ACCU 2025 канала ACCU Conference
Coding in C Secure Coding in C secure coding in c++ secure coding in cpp secure coding cplusplus workshop workshop preview Robert C. Seacord Secure Coding in C and C++ accu workshop training course programming errors in C programming errors in c++ programming errors mistakes preview security issues security safety c++ software cpp software c software in c++ in cpp software security Integer Types intergers training talk adc adc 2025 coding in c++ code
Комментарии отсутствуют
Информация о видео
18 марта 2025 г. 20:00:06
00:17:27
Другие видео канала
![An Adventure in Race Conditions - Felix Petriconi [ACCU 2019]](https://i.ytimg.com/vi/asgO4P2fhTw/default.jpg)
![Alchemical Code Rejuvenation - Uberto Barbini [ACCU 2018]](https://i.ytimg.com/vi/koGpF1solzM/default.jpg)
![Design and Evolution of cyber-dojo - Jon Jagger [ACCU 2017]](https://i.ytimg.com/vi/eR_RENdIIzw/default.jpg)
![How to write a programming language - Andy Balaam [ACCU 2017]](https://i.ytimg.com/vi/82-XjMzKaC8/default.jpg)
![Typical Type Typos - Amir Kirsh [ ACCU 2021 ]](https://i.ytimg.com/vi/fIKIOxh3Tds/default.jpg)
![std::jthread - I Told You Concurrency Is Tricky - Nico Josuttis [ ACCU 2021 ]](https://i.ytimg.com/vi/ln5ERAVXEMY/default.jpg)
!['Waltzing with Branches' - Chris OldWood [ ACCU 2016 ]](https://i.ytimg.com/vi/gYhndMJEbpg/default.jpg)
