The Secure Programming Cookbook for C and C++ is an important new resource for developers serious about writing secure code. It contains a wealth of solutions to problems faced by those who care about the security of their applications. It covers a wide range of topics, including safe initialization, access control, input validation, symmetric and public key cryptography, cryptographic hashes and MACs, authentication and key exchange, PKI, random numbers, and anti-tampering. The rich set of code samples provided in the book's more than 200 recipes will help programmers secure the C and C++ programs they write for both Unix (including Linux) and Windows environments.
Readers will learn: how to avoid common programming errors, such as buffer overflows, race conditions and format string problems; how to properly SSL-enable applications; how to create secure channels for client-server communication without SSL; how to integrate Public Key Infrastructure (PKI) into applications; best practices for using cryptography properly; techniques and strategies for properly validating input to programs; how to launch programs securely; how to use file access mechanisms properly; and techniques for protecting applications from reverse engineering. The book's Web site supplements the book by providing a place to post new recipes, including those written in additional languages like Perl, Java, and Python. Monthly prizes will reward the best recipes submitted by readers.