Chapter 2 Strings

with Dan Plakosh and Jason Rafail¹

1. Daniel Plakosh is a senior member of the technical staff for the Software Engineering Institute (SEI) Networked Systems Survivability Program. Jason Rafail is a member of the technical staff for the SEI Networked Systems Survivability Program.

But evil things, in robes of sorrow,
Assailed the monarch’s high estate.

—Edgar Allan Poe, “The Fall of the House of Usher”

Strings—such as command-line arguments, environment variables, and console input—are of special concern in secure programming because they comprise most of the data exchanged between an end user and a software system. Graphic and Web-based applications make extensive use of text input fields and, because of standards like XML, ...
