defdeveu courses

C/C++ specific

Work in progress

The language specific module

Secure coding in C/C++

Developed by Marek Zachara
  • Major difference of C++ against other common technologies
  • C/C++ related code vulnerabilities
    • Buffer overflow
    • Memory management and pointers
    • String handling
    • Integer overflow
    • Multiple threads
    • Privilege management
    • Uninitialized variables
    • execve()
  • Library functions and returns
  • How to write a secure code?
  • Debugging tips & tricks
  • A look from the future (Rust, golang)
  • SEI CERT C++ Coding Standard
  • Cryptography in C/C++


We assume that the developers attending this course:
  • are familiar with the C++ and with XOX;
  • understand the HTTP protocol, HTML and Javascript;
  • are familiar with basic security features of an enterprise application (authentication, authorization, the concept of a session);
  • have XOX framework and a suitable IDE installed on their laptop (labs desktop).