SlideShare a Scribd company logo

Secure Programming Practices in C++ (NDC Oslo 2018)

Patricia Aas
Patricia Aas

Bjarne Stroustrup, the creator of C++, once said : “C makes it easy to shoot yourself in the foot; C++ makes it harder, but when you do it blows your whole leg off.” He has also said : “Within C++, there is a much smaller and cleaner language struggling to get out.” Both are true. This talk is for programmers wishing to feel more comfortable navigating the C++ landscape. Motivated by going through well known vulnerability patterns that have been used in exploits for decades, we will explore the programming culture that has developed around the C++ language. Specifically, we will look at programming patterns that navigate around or through some of the dangerous parts of the C++ language. The goal is to build a set of programming practices based in the “smaller and cleaner language” inside C++. And by doing so, we will also build an awareness around code constructs that can potentially “blow your whole leg off”.

Software
1 of 79
Download to read offline
@pati_gallardo
Secure Programming Practices in C++ @pati_gallardo Patricia Aas NDC { Oslo } 2018
Patricia Aas - Vivaldi Browser Programmer - mainly in C++ Currently : Vivaldi Technologies Previously : Cisco Systems, Knowit, Opera Software Master in Computer Science Twitter : @pati_gallardo Photos: pixabay.com - CC0
Bjarne Stroustrup “C makes it easy to shoot yourself in the foot; C++ makes it harder, but when you do it blows your whole leg off.” @pati_gallardo
Bjarne Stroustrup “Within C++, there is a much smaller and cleaner language struggling to get out.” @pati_gallardo
What specs exist? Undefined Behavior Compiler Optimizations Exploitability Take your vitamins The Eight I'd Really Rather You Didn'ts @pati_gallardo
What specs exist? @pati_gallardo
CG: C++ Core Guidelines (328 pages!) @pati_gallardo
C++ Core Guidelines “The C++ Core Guidelines are a collaborative effort led by Bjarne Stroustrup, much like the C++ language itself.” https://github.com/isocpp/CppCoreGuidelines/blob/master/README.md @pati_gallardo
@pati_gallardo SEI: CERT C++ Coding Standard (435 pages!)
SEI CERT C Coding Standard “The SEI CERT C [and C++] Coding Standard is a software coding standard for the C [and C++] programming language, developed by the CERT Coordination Center to improve the safety, reliability, and security of software systems.” https://en.wikipedia.org/wiki/CERT_C_Coding_Standard @pati_gallardo
CWE : Common Weakness Enumeration (1572 pages!) @pati_gallardo
Common Weakness Enumeration (CWE) “The Common Weakness Enumeration (CWE) is a category system for software weaknesses and vulnerabilities. It is sustained by a community project with the goals of understanding flaws in software and creating automated tools that can be used to identify, fix, and prevent those flaws.” https://en.wikipedia.org/wiki/Common_Weakness_Enumeration @pati_gallardo
What specs exist? Undefined Behavior Compiler Optimizations Exploitability Take your vitamins The Eight I'd Really Rather You Didn'ts @pati_gallardo
@pati_gallardo Undefined Behaviour
undefined behavior “Examples of undefined behavior are memory accesses outside of array bounds, signed integer overflow, null pointer dereference, modification of the same scalar more than once in an expression without sequence points, access to an object through a pointer of a different type, etc. Compilers are not required to diagnose undefined behavior (although many simple situations are diagnosed), and the compiled program is not required to do anything meaningful.” http://en.cppreference.com/w/cpp/language/ub @pati_gallardo
- Don’t reason about undefined behaviour - Assume that it crashes or is never executed - Changing compiler, compiler version or optimization level can break your application Undefined Behaviour
Infinite Loop (Undefined Behavior) #include <iostream> #include <complex> using namespace std; int main(void) { complex<int> delta; complex<int> mc[4] = {0}; for(int di = 0; di < 4; di++, delta = mc[di]) { cout << di << endl; } } @pati_gallardo (Thanks to @shafikyaghmour) https://stackoverflow.com/questions/32506643/c-compilation-bug Undefined Behavior!
Infinite Loop (Undefined Behavior) Should we Godbolt this? https://godbolt.org/g/TDjM8h @pati_gallardo (Thanks to @shafikyaghmour) https://stackoverflow.com/questions/32506643/c-compilation-bug
What specs exist? Undefined Behavior Compiler Optimizations Exploitability Take your vitamins The Eight I'd Really Rather You Didn'ts @pati_gallardo
@pati_gallardo Compiler Optimization
@pati_gallardo The Case Of The Disappearing Memset
0) CWE-14: Compiler Removal of Code to Clear Buffers void GetData(char *MFAddr) { char pwd[64]; if (GetPasswordFromUser(pwd, sizeof(pwd))) { if (ConnectToMainframe(MFAddr, pwd)) { // Interaction with mainframe } } memset(pwd, 0, sizeof(pwd)); // <- Removed by the optimizer } @pati_gallardo SEI: MSC06-C. Beware of compiler optimizations SEI: MEM03-C. Clear sensitive information stored in reusable resources
0) CWE-14: Compiler Removal of Code to Clear Buffers Should we Godbolt this? https://godbolt.org/g/FpEsht @pati_gallardo SEI: MSC06-C. Beware of compiler optimizations SEI: MEM03-C. Clear sensitive information stored in reusable resources
Memset_s : Zeroing Memory // Compliant Solution (C11) memset_s(pwd, 0, sizeof(pwd)); // Windows Solution SecureZeroMemory(pwd, sizeof(pwd)); @pati_gallardo SEI: MSC06-C. Beware of compiler optimizations SEI: MEM03-C. Clear sensitive information stored in reusable resources
What specs exist? Undefined Behavior Compiler Optimizations Exploitability Take your vitamins The Eight I'd Really Rather You Didn'ts @pati_gallardo
@pati_gallardo Exploitability
1. Unsigned Integer Wraparound 2. Signed Integer Overflow 3. Numeric Truncation 4. Stack Buffer Overflow 5. Heap Buffer Overflow 6. Buffer Underflow 7. Use After Free 8. Double Free 9. Incorrect Type Conversion 10. Uncontrolled Format String @pati_gallardo
Code is on GitHub: https://github.com/patricia-gallardo/insecure-coding-examples Disclaimer: The concat buffer examples aren’t really fair because if you did concatenation of strings in this way you would have to take into consideration 0 termination of strings and that doesn’t fit on a slide, so... sigh @pati_gallardo
1) Unsigned Integer Wraparound 2) Signed Integer Overflow 3) Numeric Truncation Error
1) CWE-190: Unsigned Integer Wraparound int main(void) { unsigned int first_len = UINT_MAX; unsigned int second_len = 256; unsigned int buf_len = 256; char first[first_len], second[second_len], buf[buf_len]; if((first_len + second_len) <= 256) { // <- sum == 255 memcpy(buf, first, first_len); memcpy(buf + first_len, second, second_len); } } @pati_gallardo SEI-INT30-C. Ensure that unsigned integer operations do not wrap
2) CWE-190: Signed Integer Overflow int main(void) { int first_len = INT_MAX; int second_len = 256; int buf_len = 256; char first[first_len], second[second_len], buf[buf_len]; if((first_len + second_len) <= 256) { // <- UB (negative) memcpy(buf, first, first_len); memcpy(buf + first_len, second, second_len); } } @pati_gallardo SEI-INT32-C. Ensure that operations on signed integers do not result in
3) CWE-197: Numeric Truncation Error int main(void) { unsigned int first_len = UINT_MAX - 256; unsigned int second_len = 256; unsigned int buf_len = 256; char first[first_len], second[second_len], buf[buf_len]; int new_len = (first_len+second_len); // <- IDB (negative) if(new_len <= 256) { memcpy(buf, first, first_len); memcpy(buf + first_len, second, second_len); } } @pati_gallardo SEI-INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data
4) Stack-based Buffer Overflow 5) Heap-based Buffer Overflow 6) Buffer Underwrite/Underflow
4) CWE-121: Stack-based Buffer Overflow @pati_gallardo int main(void) { char buffer[10]; // CWE-242 : Inherently Dangerous Function gets(buffer); // <- Write outside } SEI-STR31-C. Guarantee that storage for strings has sufficient space for character data and the null terminator
5) CWE-122: Heap-based Buffer Overflow int main(int argc, char * argv[]) { char* buf = (char*) malloc(sizeof(char)*10); strcpy(buf, argv[1]); // <- Write outside free(buf); } @pati_gallardo SEI-ARR38-C. Guarantee that library functions do not form invalid pointers
6) CWE-124: Buffer Underwrite / Underflow int main(void) { char src[12]; strcpy(src, "Hello World"); size_t length = strlen(src); int index = (length -1); while (src[index] != ':') { src[index] = '0'; index--; } } @pati_gallardo SEI-ARR30-C. Do not form or use out-of-bounds pointers or array subscripts
7) Use After Free 8) Double Free
7) CWE-416: Use After Free @pati_gallardo int main(void) { char* buffer = (char*)malloc (256); bool error = true; if (error) free(buffer); // [...] if (error) printf("%lun", strlen(buffer)); //<- Use after free } SEI-MEM30-C. Do not access freed memory
8) CWE-415: Double Free @pati_gallardo int main(void) { char* buffer = (char*)malloc (256); bool error = true; if (error) free(buffer); // [...] free(buffer); // second free } SEI-MEM51-CPP. Properly deallocate dynamically allocated resources
9) Incorrect Type Conversion/Cast 10) Use of External Format String
9) CWE-704: Incorrect Type Conversion/Cast @pati_gallardo struct A {}; struct B {}; int main(void) { struct A * a = (struct A *) malloc (sizeof (struct A)); struct B * b = (struct B *) a; // cast to unrelated type } SEI-EXP05-CPP. Do not use C-style casts
10) CWE-134: Use of External Format String @pati_gallardo int main(int argc, char * argv[]) { char * format = argv[1]; char * str = argv[2]; printf(format, str); } $ ./format_string "%s %d" "Hello World" Hello World 1745066888 SEI-FIO47-C. Use valid format strings
What specs exist? Undefined Behavior Compiler Optimizations Exploitability Take your vitamins The Eight I'd Really Rather You Didn'ts @pati_gallardo
Use Your Tools @pati_gallardo
Classes of Tools - Several compilers - Warnings / Errors - Instrumentation - Static Analysis - Automated Tests - Fuzzing - Continuous Integration - Libraries @pati_gallardo
What specs exist? Undefined Behavior Compiler Optimizations Exploitability Take your vitamins The Eight I'd Really Rather You Didn'ts @pati_gallardo
The Eight I'd Really Rather You Didn'ts* *The Eight Condiments (Pastafarianism) @pati_gallardo
Caution: Don’t take me too seriously. But seriously, think about it! *wink* @pati_gallardo
The Eight I'd Really Rather You Didn'ts 1. Use C 2. Allocate with new 3. Do math a lot 4. Trust your external input 5. Use pointers a lot 6. Write “clever” code 7. Use shared_ptr a lot 8. Use share state a lot @pati_gallardo
1. I'd Really Rather You Didn't: Use C @pati_gallardo CG : CPL.1: Prefer C++ to C
Std::string - Concatenate Strings int main() { std::string first = "Hello "; std::string second = "World"; std::string buffer = first + second; std::cout << buffer << "n"; } @pati_gallardo
Std::cout/cin : Using the Command Line int main(int argc, char * argv[]) { std::string second; std::cin >> second; std::string first = argv[1]; std::string buffer = first + second; std::cout << buffer << "n"; } $ ./command_line "Hello " World Hello World @pati_gallardo
Algorithms : Strip after Colon int main() { string str = "Hello:World"; auto isColon = [](int ch) { return ch == ':'; }; auto first = find_if(rbegin(str), rend(str), isColon); str.erase(first.base(), end(str)); } @pati_gallardo
C++ Casts : Safe Downcasting class Spiderman {}; class Ironman {}; int main() { Spiderman * peter = new Spiderman; Ironman * tony = static_cast<Ironman*>(peter); } inheritance.cpp:6:20: error: static_cast from 'Spiderman *' to 'Ironman *', which are not related by inheritance, is not allowed Ironman * tony = static_cast<Ironman*>(peter); ^~~~~~~~~~~~~~~~~~~~~~~~~~~~ 1 error generated. @pati_gallardo
@pati_gallardo CG : R: Resource management CG : R.11: Avoid calling new and delete explicitly 2. I'd Really Rather You Didn't: Allocate With New
Allocating on the Stack #include "Hero.h" int main() { Hero h; } @pati_gallardo
Where is it? Stack Hero stackHero; Heap unique_ptr<Hero> heapHero = make_unique<Hero>(); Hero * heapHero = new Hero(); @pati_gallardo
Loving the Stack #include <iostream> #include <string> using namespace std; int main() { { string s("Hello World!"); cout << s; } // <- GC happens here! } @pati_gallardo
Using the Stack To Manage Resource Lifetimes Destroyed when exiting scope Deterministic Garbage Collection @pati_gallardo
Hold a Value on the Stack that Controls The Lifetime of Your Heap Allocated Object using namespace std; { unique_ptr<Hero> myHero = make_unique<Hero>(); shared_ptr<Hero> ourHero = make_shared<Hero>(); } Smart Pointers @pati_gallardo
@pati_gallardo 3. I'd Really Rather You Didn't: Do Math A Lot
Primitive types have no semantics, only limits Reduce the value space Keep it within defined behavior Enum class, string literals, user defined literals, size_t @pati_gallardo
Enum Class @pati_gallardo enum class Direction : char { NORTH = 'N', EAST = 'E', WEST = 'W', SOUTH = 'S' }; std::ostream& operator << (std::ostream& os, const Direction& obj) { os << static_cast<std::underlying_type<Direction>::type>(obj); return os; } int main() { std::cout << "t" << Direction::NORTH << "n" << "t" << Direction::EAST << "n" << "t" << Direction::WEST << "n" << "t" << Direction::SOUTH << "n"; }
String Literals @pati_gallardo using namespace std::literals::string_literals; int main() { auto heroes = {"Spiderman"s, "Ironman"s, "Wonder Woman"s}; for(auto const & hero : heroes) { std::cout << "t" << hero << "n"; } }
1) User Defined Literals @pati_gallardo int main() { auto h = 24_hours; auto d = 7_days; auto err = h + d; } user_defined_literals.cpp:25:21: error: invalid operands to binary expression ('Hours' and 'Days') auto err = hours + days; ~~~~~ ^ ~~~~ 1 error generated.
2) User Defined Literals @pati_gallardo struct Hours { explicit Hours(unsigned long long n) : num(n) {} unsigned long long num = 0; }; struct Days { explicit Days(unsigned long long n) : num(n) {} unsigned long long num = 0; };
3) User Defined Literals @pati_gallardo Hours operator "" _hours(unsigned long long num) { return Hours(num); } Days operator "" _days(unsigned long long num) { return Days(num); }
Use Size_t for Sizes - Unsigned integer type - Result of the sizeof operator - Use for object sizes - Use for array indexing and loop counting @pati_gallardo
@pati_gallardo 4. I'd Really Rather You Didn't: Trust Your External Input
Taint - Is the source of this value in your code? - Command line args, size fields in headers, exported functions, APIs @pati_gallardo
5. I'd Really Rather You Didn't: Use Pointers a Lot @pati_gallardo
@pati_gallardo 6. I'd Really Rather You Didn't: Write “clever” code
7. I'd Really Rather You Didn't: Use shared_ptr a Lot @pati_gallardo
8. I'd Really Rather You Didn't: Share State a Lot @pati_gallardo
So… what should I remember from this presentation? @pati_gallardo
Well, I'd Really Rather You Didn't: Use C @pati_gallardo
Learn some Modern C++ Instead! @pati_gallardo
@pati_gallardo

Recommended

C++ The Principles of Most Surprise
C++ The Principles of Most SurpriseC++ The Principles of Most Surprise
C++ The Principles of Most Surprise
Patricia Aas
 
Reading Other Peoples Code (Web Rebels 2018)
Reading Other Peoples Code (Web Rebels 2018)Reading Other Peoples Code (Web Rebels 2018)
Reading Other Peoples Code (Web Rebels 2018)
Patricia Aas
 
Software Vulnerabilities in C and C++ (CppCon 2018)
Software Vulnerabilities in C and C++ (CppCon 2018)Software Vulnerabilities in C and C++ (CppCon 2018)
Software Vulnerabilities in C and C++ (CppCon 2018)
Patricia Aas
 
Secure Programming Practices in C++ (NDC Security 2018)
Secure Programming Practices in C++ (NDC Security 2018)Secure Programming Practices in C++ (NDC Security 2018)
Secure Programming Practices in C++ (NDC Security 2018)
Patricia Aas
 
Thoughts On Learning A New Programming Language
Thoughts On Learning A New Programming LanguageThoughts On Learning A New Programming Language
Thoughts On Learning A New Programming Language
Patricia Aas
 
Trying to learn C# (NDC Oslo 2019)
Trying to learn C# (NDC Oslo 2019)Trying to learn C# (NDC Oslo 2019)
Trying to learn C# (NDC Oslo 2019)
Patricia Aas
 
Isolating GPU Access in its Own Process
Isolating GPU Access in its Own ProcessIsolating GPU Access in its Own Process
Isolating GPU Access in its Own Process
Patricia Aas
 
The Anatomy of an Exploit (NDC TechTown 2019)
The Anatomy of an Exploit (NDC TechTown 2019)The Anatomy of an Exploit (NDC TechTown 2019)
The Anatomy of an Exploit (NDC TechTown 2019)
Patricia Aas
 

Recommended

C++ The Principles of Most Surprise
C++ The Principles of Most SurpriseC++ The Principles of Most Surprise
C++ The Principles of Most Surprise
Patricia Aas
 
Reading Other Peoples Code (Web Rebels 2018)
Reading Other Peoples Code (Web Rebels 2018)Reading Other Peoples Code (Web Rebels 2018)
Reading Other Peoples Code (Web Rebels 2018)
Patricia Aas
 
Software Vulnerabilities in C and C++ (CppCon 2018)
Software Vulnerabilities in C and C++ (CppCon 2018)Software Vulnerabilities in C and C++ (CppCon 2018)
Software Vulnerabilities in C and C++ (CppCon 2018)
Patricia Aas
 
Secure Programming Practices in C++ (NDC Security 2018)
Secure Programming Practices in C++ (NDC Security 2018)Secure Programming Practices in C++ (NDC Security 2018)
Secure Programming Practices in C++ (NDC Security 2018)
Patricia Aas
 
Thoughts On Learning A New Programming Language
Thoughts On Learning A New Programming LanguageThoughts On Learning A New Programming Language
Thoughts On Learning A New Programming Language
Patricia Aas
 
Trying to learn C# (NDC Oslo 2019)
Trying to learn C# (NDC Oslo 2019)Trying to learn C# (NDC Oslo 2019)
Trying to learn C# (NDC Oslo 2019)
Patricia Aas
 
Isolating GPU Access in its Own Process
Isolating GPU Access in its Own ProcessIsolating GPU Access in its Own Process
Isolating GPU Access in its Own Process
Patricia Aas
 
The Anatomy of an Exploit (NDC TechTown 2019)
The Anatomy of an Exploit (NDC TechTown 2019)The Anatomy of an Exploit (NDC TechTown 2019)
The Anatomy of an Exploit (NDC TechTown 2019)
Patricia Aas
 
The Anatomy of an Exploit (CPPP 2019)
The Anatomy of an Exploit (CPPP 2019)The Anatomy of an Exploit (CPPP 2019)
The Anatomy of an Exploit (CPPP 2019)
Patricia Aas
 
Reading Other Peoples Code (NDC Copenhagen 2019)
Reading Other Peoples Code (NDC Copenhagen 2019)Reading Other Peoples Code (NDC Copenhagen 2019)
Reading Other Peoples Code (NDC Copenhagen 2019)
Patricia Aas
 
Chromium Sandbox on Linux (NDC Security 2019)
Chromium Sandbox on Linux (NDC Security 2019)Chromium Sandbox on Linux (NDC Security 2019)
Chromium Sandbox on Linux (NDC Security 2019)
Patricia Aas
 
C++ for Java Developers (JavaZone Academy 2018)
C++ for Java Developers (JavaZone Academy 2018)C++ for Java Developers (JavaZone Academy 2018)
C++ for Java Developers (JavaZone Academy 2018)
Patricia Aas
 
The Anatomy of an Exploit
The Anatomy of an ExploitThe Anatomy of an Exploit
The Anatomy of an Exploit
Patricia Aas
 
C++ for Java Developers (JavaZone 2017)
C++ for Java Developers (JavaZone 2017)C++ for Java Developers (JavaZone 2017)
C++ for Java Developers (JavaZone 2017)
Patricia Aas
 
The Anatomy of an Exploit (NDC TechTown 2019))
The Anatomy of an Exploit (NDC TechTown 2019))The Anatomy of an Exploit (NDC TechTown 2019))
The Anatomy of an Exploit (NDC TechTown 2019))
Patricia Aas
 
Php5 certification mock exams
Php5 certification mock examsPhp5 certification mock exams
Php5 certification mock exams
echo liu
 
PVS-Studio is ready to improve the code of Tizen operating system
PVS-Studio is ready to improve the code of Tizen operating systemPVS-Studio is ready to improve the code of Tizen operating system
PVS-Studio is ready to improve the code of Tizen operating system
Andrey Karpov
 
Publishing a Perl6 Module
Publishing a Perl6 ModulePublishing a Perl6 Module
Publishing a Perl6 Module
ast_j
 
Hollywood mode off: security testing at scale
Hollywood mode off: security testing at scaleHollywood mode off: security testing at scale
Hollywood mode off: security testing at scale
Claudio Criscione
 
Cisco IOS shellcode: All-in-one
Cisco IOS shellcode: All-in-oneCisco IOS shellcode: All-in-one
Cisco IOS shellcode: All-in-one
DefconRussia
 
C++ for Java Developers (SwedenCpp Meetup 2017)
C++ for Java Developers (SwedenCpp Meetup 2017)C++ for Java Developers (SwedenCpp Meetup 2017)
C++ for Java Developers (SwedenCpp Meetup 2017)
Patricia Aas
 
GitGot: The Swiss Army Chainsaw of Git Repo Management
GitGot: The Swiss Army Chainsaw of Git Repo ManagementGitGot: The Swiss Army Chainsaw of Git Repo Management
GitGot: The Swiss Army Chainsaw of Git Repo Management
John Anderson
 
DEF CON 27 - AMIT WAISEL and HILA COHEN - malproxy
DEF CON 27 - AMIT WAISEL and HILA COHEN - malproxyDEF CON 27 - AMIT WAISEL and HILA COHEN - malproxy
DEF CON 27 - AMIT WAISEL and HILA COHEN - malproxy
Felipe Prado
 
Exploit Research and Development Megaprimer: Win32 Egghunter
Exploit Research and Development Megaprimer: Win32 EgghunterExploit Research and Development Megaprimer: Win32 Egghunter
Exploit Research and Development Megaprimer: Win32 Egghunter
Ajin Abraham
 
ZFConf 2012: Dependency Management в PHP и Zend Framework 2 (Кирилл Чебунин)
ZFConf 2012: Dependency Management в PHP и Zend Framework 2 (Кирилл Чебунин)ZFConf 2012: Dependency Management в PHP и Zend Framework 2 (Кирилл Чебунин)
ZFConf 2012: Dependency Management в PHP и Zend Framework 2 (Кирилл Чебунин)
ZFConf Conference
 
Review unknown code with static analysis - bredaphp
Review unknown code with static analysis - bredaphpReview unknown code with static analysis - bredaphp
Review unknown code with static analysis - bredaphp
Damien Seguy
 
Long-Awaited Check of CryEngine V
Long-Awaited Check of CryEngine VLong-Awaited Check of CryEngine V
Long-Awaited Check of CryEngine V
PVS-Studio
 
Fernando Arnaboldi - Exposing Hidden Exploitable Behaviors Using Extended Dif...
Fernando Arnaboldi - Exposing Hidden Exploitable Behaviors Using Extended Dif...Fernando Arnaboldi - Exposing Hidden Exploitable Behaviors Using Extended Dif...
Fernando Arnaboldi - Exposing Hidden Exploitable Behaviors Using Extended Dif...
Codemotion
 
Undefined Behavior and Compiler Optimizations (NDC Oslo 2018)
Undefined Behavior and Compiler Optimizations (NDC Oslo 2018)Undefined Behavior and Compiler Optimizations (NDC Oslo 2018)
Undefined Behavior and Compiler Optimizations (NDC Oslo 2018)
Patricia Aas
 
C++ Core Guidelines
C++ Core GuidelinesC++ Core Guidelines
C++ Core Guidelines
Thomas Pollak
 

More Related Content

What's hot

The Anatomy of an Exploit (CPPP 2019)
The Anatomy of an Exploit (CPPP 2019)The Anatomy of an Exploit (CPPP 2019)
The Anatomy of an Exploit (CPPP 2019)
Patricia Aas
 
Reading Other Peoples Code (NDC Copenhagen 2019)
Reading Other Peoples Code (NDC Copenhagen 2019)Reading Other Peoples Code (NDC Copenhagen 2019)
Reading Other Peoples Code (NDC Copenhagen 2019)
Patricia Aas
 
Chromium Sandbox on Linux (NDC Security 2019)
Chromium Sandbox on Linux (NDC Security 2019)Chromium Sandbox on Linux (NDC Security 2019)
Chromium Sandbox on Linux (NDC Security 2019)
Patricia Aas
 
C++ for Java Developers (JavaZone Academy 2018)
C++ for Java Developers (JavaZone Academy 2018)C++ for Java Developers (JavaZone Academy 2018)
C++ for Java Developers (JavaZone Academy 2018)
Patricia Aas
 
The Anatomy of an Exploit
The Anatomy of an ExploitThe Anatomy of an Exploit
The Anatomy of an Exploit
Patricia Aas
 
C++ for Java Developers (JavaZone 2017)
C++ for Java Developers (JavaZone 2017)C++ for Java Developers (JavaZone 2017)
C++ for Java Developers (JavaZone 2017)
Patricia Aas
 
The Anatomy of an Exploit (NDC TechTown 2019))
The Anatomy of an Exploit (NDC TechTown 2019))The Anatomy of an Exploit (NDC TechTown 2019))
The Anatomy of an Exploit (NDC TechTown 2019))
Patricia Aas
 
Php5 certification mock exams
Php5 certification mock examsPhp5 certification mock exams
Php5 certification mock exams
echo liu
 
PVS-Studio is ready to improve the code of Tizen operating system
PVS-Studio is ready to improve the code of Tizen operating systemPVS-Studio is ready to improve the code of Tizen operating system
PVS-Studio is ready to improve the code of Tizen operating system
Andrey Karpov
 
Publishing a Perl6 Module
Publishing a Perl6 ModulePublishing a Perl6 Module
Publishing a Perl6 Module
ast_j
 
Hollywood mode off: security testing at scale
Hollywood mode off: security testing at scaleHollywood mode off: security testing at scale
Hollywood mode off: security testing at scale
Claudio Criscione
 
Cisco IOS shellcode: All-in-one
Cisco IOS shellcode: All-in-oneCisco IOS shellcode: All-in-one
Cisco IOS shellcode: All-in-one
DefconRussia
 
C++ for Java Developers (SwedenCpp Meetup 2017)
C++ for Java Developers (SwedenCpp Meetup 2017)C++ for Java Developers (SwedenCpp Meetup 2017)
C++ for Java Developers (SwedenCpp Meetup 2017)
Patricia Aas
 
GitGot: The Swiss Army Chainsaw of Git Repo Management
GitGot: The Swiss Army Chainsaw of Git Repo ManagementGitGot: The Swiss Army Chainsaw of Git Repo Management
GitGot: The Swiss Army Chainsaw of Git Repo Management
John Anderson
 
DEF CON 27 - AMIT WAISEL and HILA COHEN - malproxy
DEF CON 27 - AMIT WAISEL and HILA COHEN - malproxyDEF CON 27 - AMIT WAISEL and HILA COHEN - malproxy
DEF CON 27 - AMIT WAISEL and HILA COHEN - malproxy
Felipe Prado
 
Exploit Research and Development Megaprimer: Win32 Egghunter
Exploit Research and Development Megaprimer: Win32 EgghunterExploit Research and Development Megaprimer: Win32 Egghunter
Exploit Research and Development Megaprimer: Win32 Egghunter
Ajin Abraham
 
ZFConf 2012: Dependency Management в PHP и Zend Framework 2 (Кирилл Чебунин)
ZFConf 2012: Dependency Management в PHP и Zend Framework 2 (Кирилл Чебунин)ZFConf 2012: Dependency Management в PHP и Zend Framework 2 (Кирилл Чебунин)
ZFConf 2012: Dependency Management в PHP и Zend Framework 2 (Кирилл Чебунин)
ZFConf Conference
 
Review unknown code with static analysis - bredaphp
Review unknown code with static analysis - bredaphpReview unknown code with static analysis - bredaphp
Review unknown code with static analysis - bredaphp
Damien Seguy
 
Long-Awaited Check of CryEngine V
Long-Awaited Check of CryEngine VLong-Awaited Check of CryEngine V
Long-Awaited Check of CryEngine V
PVS-Studio
 
Fernando Arnaboldi - Exposing Hidden Exploitable Behaviors Using Extended Dif...
Fernando Arnaboldi - Exposing Hidden Exploitable Behaviors Using Extended Dif...Fernando Arnaboldi - Exposing Hidden Exploitable Behaviors Using Extended Dif...
Fernando Arnaboldi - Exposing Hidden Exploitable Behaviors Using Extended Dif...
Codemotion
 

What's hot (20)

The Anatomy of an Exploit (CPPP 2019)
The Anatomy of an Exploit (CPPP 2019)The Anatomy of an Exploit (CPPP 2019)
The Anatomy of an Exploit (CPPP 2019)
 
Reading Other Peoples Code (NDC Copenhagen 2019)
Reading Other Peoples Code (NDC Copenhagen 2019)Reading Other Peoples Code (NDC Copenhagen 2019)
Reading Other Peoples Code (NDC Copenhagen 2019)
 
Chromium Sandbox on Linux (NDC Security 2019)
Chromium Sandbox on Linux (NDC Security 2019)Chromium Sandbox on Linux (NDC Security 2019)
Chromium Sandbox on Linux (NDC Security 2019)
 
C++ for Java Developers (JavaZone Academy 2018)
C++ for Java Developers (JavaZone Academy 2018)C++ for Java Developers (JavaZone Academy 2018)
C++ for Java Developers (JavaZone Academy 2018)
 
The Anatomy of an Exploit
The Anatomy of an ExploitThe Anatomy of an Exploit
The Anatomy of an Exploit
 
C++ for Java Developers (JavaZone 2017)
C++ for Java Developers (JavaZone 2017)C++ for Java Developers (JavaZone 2017)
C++ for Java Developers (JavaZone 2017)
 
The Anatomy of an Exploit (NDC TechTown 2019))
The Anatomy of an Exploit (NDC TechTown 2019))The Anatomy of an Exploit (NDC TechTown 2019))
The Anatomy of an Exploit (NDC TechTown 2019))
 
Php5 certification mock exams
Php5 certification mock examsPhp5 certification mock exams
Php5 certification mock exams
 
PVS-Studio is ready to improve the code of Tizen operating system
PVS-Studio is ready to improve the code of Tizen operating systemPVS-Studio is ready to improve the code of Tizen operating system
PVS-Studio is ready to improve the code of Tizen operating system
 
Publishing a Perl6 Module
Publishing a Perl6 ModulePublishing a Perl6 Module
Publishing a Perl6 Module
 
Hollywood mode off: security testing at scale
Hollywood mode off: security testing at scaleHollywood mode off: security testing at scale
Hollywood mode off: security testing at scale
 
Cisco IOS shellcode: All-in-one
Cisco IOS shellcode: All-in-oneCisco IOS shellcode: All-in-one
Cisco IOS shellcode: All-in-one
 
C++ for Java Developers (SwedenCpp Meetup 2017)
C++ for Java Developers (SwedenCpp Meetup 2017)C++ for Java Developers (SwedenCpp Meetup 2017)
C++ for Java Developers (SwedenCpp Meetup 2017)
 
GitGot: The Swiss Army Chainsaw of Git Repo Management
GitGot: The Swiss Army Chainsaw of Git Repo ManagementGitGot: The Swiss Army Chainsaw of Git Repo Management
GitGot: The Swiss Army Chainsaw of Git Repo Management
 
DEF CON 27 - AMIT WAISEL and HILA COHEN - malproxy
DEF CON 27 - AMIT WAISEL and HILA COHEN - malproxyDEF CON 27 - AMIT WAISEL and HILA COHEN - malproxy
DEF CON 27 - AMIT WAISEL and HILA COHEN - malproxy
 
Exploit Research and Development Megaprimer: Win32 Egghunter
Exploit Research and Development Megaprimer: Win32 EgghunterExploit Research and Development Megaprimer: Win32 Egghunter
Exploit Research and Development Megaprimer: Win32 Egghunter
 
ZFConf 2012: Dependency Management в PHP и Zend Framework 2 (Кирилл Чебунин)
ZFConf 2012: Dependency Management в PHP и Zend Framework 2 (Кирилл Чебунин)ZFConf 2012: Dependency Management в PHP и Zend Framework 2 (Кирилл Чебунин)
ZFConf 2012: Dependency Management в PHP и Zend Framework 2 (Кирилл Чебунин)
 
Review unknown code with static analysis - bredaphp
Review unknown code with static analysis - bredaphpReview unknown code with static analysis - bredaphp
Review unknown code with static analysis - bredaphp
 
Long-Awaited Check of CryEngine V
Long-Awaited Check of CryEngine VLong-Awaited Check of CryEngine V
Long-Awaited Check of CryEngine V
 
Fernando Arnaboldi - Exposing Hidden Exploitable Behaviors Using Extended Dif...
Fernando Arnaboldi - Exposing Hidden Exploitable Behaviors Using Extended Dif...Fernando Arnaboldi - Exposing Hidden Exploitable Behaviors Using Extended Dif...
Fernando Arnaboldi - Exposing Hidden Exploitable Behaviors Using Extended Dif...
 

Similar to Secure Programming Practices in C++ (NDC Oslo 2018)

Undefined Behavior and Compiler Optimizations (NDC Oslo 2018)
Undefined Behavior and Compiler Optimizations (NDC Oslo 2018)Undefined Behavior and Compiler Optimizations (NDC Oslo 2018)
Undefined Behavior and Compiler Optimizations (NDC Oslo 2018)
Patricia Aas
 
C++ Core Guidelines
C++ Core GuidelinesC++ Core Guidelines
C++ Core Guidelines
Thomas Pollak
 
05 - Bypassing DEP, or why ASLR matters
05 - Bypassing DEP, or why ASLR matters05 - Bypassing DEP, or why ASLR matters
05 - Bypassing DEP, or why ASLR matters
Alexandre Moneger
 
100 bugs in Open Source C/C++ projects
100 bugs in Open Source C/C++ projects 100 bugs in Open Source C/C++ projects
100 bugs in Open Source C/C++ projects
Andrey Karpov
 
A Check of the Open-Source Project WinSCP Developed in Embarcadero C++ Builder
A Check of the Open-Source Project WinSCP Developed in Embarcadero C++ BuilderA Check of the Open-Source Project WinSCP Developed in Embarcadero C++ Builder
A Check of the Open-Source Project WinSCP Developed in Embarcadero C++ Builder
Andrey Karpov
 
carrow - Go bindings to Apache Arrow via C++-API
carrow - Go bindings to Apache Arrow via C++-APIcarrow - Go bindings to Apache Arrow via C++-API
carrow - Go bindings to Apache Arrow via C++-API
Yoni Davidson
 
PyParis 2017 / Writing a C Python extension in 2017, Jean-Baptiste Aviat
PyParis 2017 / Writing a C Python extension in 2017, Jean-Baptiste Aviat PyParis 2017 / Writing a C Python extension in 2017, Jean-Baptiste Aviat
PyParis 2017 / Writing a C Python extension in 2017, Jean-Baptiste Aviat
Pôle Systematic Paris-Region
 
07 - Bypassing ASLR, or why X^W matters
07 - Bypassing ASLR, or why X^W matters07 - Bypassing ASLR, or why X^W matters
07 - Bypassing ASLR, or why X^W matters
Alexandre Moneger
 
Price of an Error
Price of an ErrorPrice of an Error
Price of an Error
Andrey Karpov
 
100 bugs in Open Source C/C++ projects
100 bugs in Open Source C/C++ projects100 bugs in Open Source C/C++ projects
100 bugs in Open Source C/C++ projects
PVS-Studio
 
[GEMINI EXTERNAL DECK] Introduction to Gemini.pptx
[GEMINI EXTERNAL DECK] Introduction to Gemini.pptx[GEMINI EXTERNAL DECK] Introduction to Gemini.pptx
[GEMINI EXTERNAL DECK] Introduction to Gemini.pptx
AhmedElbaloug
 
MLSEC 2020
MLSEC 2020MLSEC 2020
MLSEC 2020
Zoltan Balazs
 
Quiz 9
Quiz 9Quiz 9
Quiz 9
Keroles karam khalil
 
C++ Training
C++ TrainingC++ Training
C++ Training
SubhendraBasu5
 
Introduction Of C++
Introduction Of C++Introduction Of C++
Introduction Of C++
Sangharsh agarwal
 
Advanced debugging  techniques in different environments
Advanced debugging  techniques in different environmentsAdvanced debugging  techniques in different environments
Advanced debugging  techniques in different environments
Andrii Soldatenko
 
0100_Embeded_C_CompilationProcess.pdf
0100_Embeded_C_CompilationProcess.pdf0100_Embeded_C_CompilationProcess.pdf
0100_Embeded_C_CompilationProcess.pdf
KhaledIbrahim10923
 
The Hitchhiker's Guide to Faster Builds. Viktor Kirilov. CoreHard Spring 2019
The Hitchhiker's Guide to Faster Builds. Viktor Kirilov. CoreHard Spring 2019The Hitchhiker's Guide to Faster Builds. Viktor Kirilov. CoreHard Spring 2019
The Hitchhiker's Guide to Faster Builds. Viktor Kirilov. CoreHard Spring 2019
corehard_by
 
Build 2016 - B880 - Top 6 Reasons to Move Your C++ Code to Visual Studio 2015
Build 2016 - B880 - Top 6 Reasons to Move Your C++ Code to Visual Studio 2015Build 2016 - B880 - Top 6 Reasons to Move Your C++ Code to Visual Studio 2015
Build 2016 - B880 - Top 6 Reasons to Move Your C++ Code to Visual Studio 2015
Windows Developer
 
The First C# Project Analyzed
The First C# Project AnalyzedThe First C# Project Analyzed
The First C# Project Analyzed
PVS-Studio
 

Similar to Secure Programming Practices in C++ (NDC Oslo 2018) (20)

Undefined Behavior and Compiler Optimizations (NDC Oslo 2018)
Undefined Behavior and Compiler Optimizations (NDC Oslo 2018)Undefined Behavior and Compiler Optimizations (NDC Oslo 2018)
Undefined Behavior and Compiler Optimizations (NDC Oslo 2018)
 
C++ Core Guidelines
C++ Core GuidelinesC++ Core Guidelines
C++ Core Guidelines
 
05 - Bypassing DEP, or why ASLR matters
05 - Bypassing DEP, or why ASLR matters05 - Bypassing DEP, or why ASLR matters
05 - Bypassing DEP, or why ASLR matters
 
100 bugs in Open Source C/C++ projects
100 bugs in Open Source C/C++ projects 100 bugs in Open Source C/C++ projects
100 bugs in Open Source C/C++ projects
 
A Check of the Open-Source Project WinSCP Developed in Embarcadero C++ Builder
A Check of the Open-Source Project WinSCP Developed in Embarcadero C++ BuilderA Check of the Open-Source Project WinSCP Developed in Embarcadero C++ Builder
A Check of the Open-Source Project WinSCP Developed in Embarcadero C++ Builder
 
carrow - Go bindings to Apache Arrow via C++-API
carrow - Go bindings to Apache Arrow via C++-APIcarrow - Go bindings to Apache Arrow via C++-API
carrow - Go bindings to Apache Arrow via C++-API
 
PyParis 2017 / Writing a C Python extension in 2017, Jean-Baptiste Aviat
PyParis 2017 / Writing a C Python extension in 2017, Jean-Baptiste Aviat PyParis 2017 / Writing a C Python extension in 2017, Jean-Baptiste Aviat
PyParis 2017 / Writing a C Python extension in 2017, Jean-Baptiste Aviat
 
07 - Bypassing ASLR, or why X^W matters
07 - Bypassing ASLR, or why X^W matters07 - Bypassing ASLR, or why X^W matters
07 - Bypassing ASLR, or why X^W matters
 
Price of an Error
Price of an ErrorPrice of an Error
Price of an Error
 
100 bugs in Open Source C/C++ projects
100 bugs in Open Source C/C++ projects100 bugs in Open Source C/C++ projects
100 bugs in Open Source C/C++ projects
 
[GEMINI EXTERNAL DECK] Introduction to Gemini.pptx
[GEMINI EXTERNAL DECK] Introduction to Gemini.pptx[GEMINI EXTERNAL DECK] Introduction to Gemini.pptx
[GEMINI EXTERNAL DECK] Introduction to Gemini.pptx
 
MLSEC 2020
MLSEC 2020MLSEC 2020
MLSEC 2020
 
Quiz 9
Quiz 9Quiz 9
Quiz 9
 
C++ Training
C++ TrainingC++ Training
C++ Training
 
Introduction Of C++
Introduction Of C++Introduction Of C++
Introduction Of C++
 
Advanced debugging  techniques in different environments
Advanced debugging  techniques in different environmentsAdvanced debugging  techniques in different environments
Advanced debugging  techniques in different environments
 
0100_Embeded_C_CompilationProcess.pdf
0100_Embeded_C_CompilationProcess.pdf0100_Embeded_C_CompilationProcess.pdf
0100_Embeded_C_CompilationProcess.pdf
 
The Hitchhiker's Guide to Faster Builds. Viktor Kirilov. CoreHard Spring 2019
The Hitchhiker's Guide to Faster Builds. Viktor Kirilov. CoreHard Spring 2019The Hitchhiker's Guide to Faster Builds. Viktor Kirilov. CoreHard Spring 2019
The Hitchhiker's Guide to Faster Builds. Viktor Kirilov. CoreHard Spring 2019
 
Build 2016 - B880 - Top 6 Reasons to Move Your C++ Code to Visual Studio 2015
Build 2016 - B880 - Top 6 Reasons to Move Your C++ Code to Visual Studio 2015Build 2016 - B880 - Top 6 Reasons to Move Your C++ Code to Visual Studio 2015
Build 2016 - B880 - Top 6 Reasons to Move Your C++ Code to Visual Studio 2015
 
The First C# Project Analyzed
The First C# Project AnalyzedThe First C# Project Analyzed
The First C# Project Analyzed
 

More from Patricia Aas

NDC TechTown 2023_ Return Oriented Programming an introduction.pdf
NDC TechTown 2023_ Return Oriented Programming an introduction.pdfNDC TechTown 2023_ Return Oriented Programming an introduction.pdf
NDC TechTown 2023_ Return Oriented Programming an introduction.pdf
Patricia Aas
 
Telling a story
Telling a storyTelling a story
Telling a story
Patricia Aas
 
Return Oriented Programming, an introduction
Return Oriented Programming, an introductionReturn Oriented Programming, an introduction
Return Oriented Programming, an introduction
Patricia Aas
 
I can't work like this (KDE Academy Keynote 2021)
I can't work like this (KDE Academy Keynote 2021)I can't work like this (KDE Academy Keynote 2021)
I can't work like this (KDE Academy Keynote 2021)
Patricia Aas
 
Dependency Management in C++ (NDC TechTown 2021)
Dependency Management in C++ (NDC TechTown 2021)Dependency Management in C++ (NDC TechTown 2021)
Dependency Management in C++ (NDC TechTown 2021)
Patricia Aas
 
Introduction to Memory Exploitation (Meeting C++ 2021)
Introduction to Memory Exploitation (Meeting C++ 2021)Introduction to Memory Exploitation (Meeting C++ 2021)
Introduction to Memory Exploitation (Meeting C++ 2021)
Patricia Aas
 
Classic Vulnerabilities (MUCplusplus2022).pdf
Classic Vulnerabilities (MUCplusplus2022).pdfClassic Vulnerabilities (MUCplusplus2022).pdf
Classic Vulnerabilities (MUCplusplus2022).pdf
Patricia Aas
 
Classic Vulnerabilities (ACCU Keynote 2022)
Classic Vulnerabilities (ACCU Keynote 2022)Classic Vulnerabilities (ACCU Keynote 2022)
Classic Vulnerabilities (ACCU Keynote 2022)
Patricia Aas
 
Introduction to Memory Exploitation (CppEurope 2021)
Introduction to Memory Exploitation (CppEurope 2021)Introduction to Memory Exploitation (CppEurope 2021)
Introduction to Memory Exploitation (CppEurope 2021)
Patricia Aas
 
Trying to build an Open Source browser in 2020
Trying to build an Open Source browser in 2020Trying to build an Open Source browser in 2020
Trying to build an Open Source browser in 2020
Patricia Aas
 
Trying to build an Open Source browser in 2020
Trying to build an Open Source browser in 2020Trying to build an Open Source browser in 2020
Trying to build an Open Source browser in 2020
Patricia Aas
 
DevSecOps for Developers, How To Start (ETC 2020)
DevSecOps for Developers, How To Start (ETC 2020)DevSecOps for Developers, How To Start (ETC 2020)
DevSecOps for Developers, How To Start (ETC 2020)
Patricia Aas
 
Elections: Trust and Critical Infrastructure (NDC TechTown 2019)
Elections: Trust and Critical Infrastructure (NDC TechTown 2019)Elections: Trust and Critical Infrastructure (NDC TechTown 2019)
Elections: Trust and Critical Infrastructure (NDC TechTown 2019)
Patricia Aas
 
Elections, Trust and Critical Infrastructure (NDC TechTown)
Elections, Trust and Critical Infrastructure (NDC TechTown)Elections, Trust and Critical Infrastructure (NDC TechTown)
Elections, Trust and Critical Infrastructure (NDC TechTown)
Patricia Aas
 
Survival Tips for Women in Tech (JavaZone 2019)
Survival Tips for Women in Tech (JavaZone 2019) Survival Tips for Women in Tech (JavaZone 2019)
Survival Tips for Women in Tech (JavaZone 2019)
Patricia Aas
 
Embedded Ethics (EuroBSDcon 2019)
Embedded Ethics (EuroBSDcon 2019)Embedded Ethics (EuroBSDcon 2019)
Embedded Ethics (EuroBSDcon 2019)
Patricia Aas
 
Keynote: Deconstructing Privilege (C++ on Sea 2019)
Keynote: Deconstructing Privilege (C++ on Sea 2019)Keynote: Deconstructing Privilege (C++ on Sea 2019)
Keynote: Deconstructing Privilege (C++ on Sea 2019)
Patricia Aas
 
Make it Fixable (NDC Copenhagen 2018)
Make it Fixable (NDC Copenhagen 2018)Make it Fixable (NDC Copenhagen 2018)
Make it Fixable (NDC Copenhagen 2018)
Patricia Aas
 
Why Is Election Security So Hard? (Paranoia 2019)
Why Is Election Security So Hard? (Paranoia 2019) Why Is Election Security So Hard? (Paranoia 2019)
Why Is Election Security So Hard? (Paranoia 2019)
Patricia Aas
 
6 DevSecOps Hacks (femtech 2019)
6 DevSecOps Hacks (femtech 2019)6 DevSecOps Hacks (femtech 2019)
6 DevSecOps Hacks (femtech 2019)
Patricia Aas
 

More from Patricia Aas (20)

NDC TechTown 2023_ Return Oriented Programming an introduction.pdf
NDC TechTown 2023_ Return Oriented Programming an introduction.pdfNDC TechTown 2023_ Return Oriented Programming an introduction.pdf
NDC TechTown 2023_ Return Oriented Programming an introduction.pdf
 
Telling a story
Telling a storyTelling a story
Telling a story
 
Return Oriented Programming, an introduction
Return Oriented Programming, an introductionReturn Oriented Programming, an introduction
Return Oriented Programming, an introduction
 
I can't work like this (KDE Academy Keynote 2021)
I can't work like this (KDE Academy Keynote 2021)I can't work like this (KDE Academy Keynote 2021)
I can't work like this (KDE Academy Keynote 2021)
 
Dependency Management in C++ (NDC TechTown 2021)
Dependency Management in C++ (NDC TechTown 2021)Dependency Management in C++ (NDC TechTown 2021)
Dependency Management in C++ (NDC TechTown 2021)
 
Introduction to Memory Exploitation (Meeting C++ 2021)
Introduction to Memory Exploitation (Meeting C++ 2021)Introduction to Memory Exploitation (Meeting C++ 2021)
Introduction to Memory Exploitation (Meeting C++ 2021)
 
Classic Vulnerabilities (MUCplusplus2022).pdf
Classic Vulnerabilities (MUCplusplus2022).pdfClassic Vulnerabilities (MUCplusplus2022).pdf
Classic Vulnerabilities (MUCplusplus2022).pdf
 
Classic Vulnerabilities (ACCU Keynote 2022)
Classic Vulnerabilities (ACCU Keynote 2022)Classic Vulnerabilities (ACCU Keynote 2022)
Classic Vulnerabilities (ACCU Keynote 2022)
 
Introduction to Memory Exploitation (CppEurope 2021)
Introduction to Memory Exploitation (CppEurope 2021)Introduction to Memory Exploitation (CppEurope 2021)
Introduction to Memory Exploitation (CppEurope 2021)
 
Trying to build an Open Source browser in 2020
Trying to build an Open Source browser in 2020Trying to build an Open Source browser in 2020
Trying to build an Open Source browser in 2020
 
Trying to build an Open Source browser in 2020
Trying to build an Open Source browser in 2020Trying to build an Open Source browser in 2020
Trying to build an Open Source browser in 2020
 
DevSecOps for Developers, How To Start (ETC 2020)
DevSecOps for Developers, How To Start (ETC 2020)DevSecOps for Developers, How To Start (ETC 2020)
DevSecOps for Developers, How To Start (ETC 2020)
 
Elections: Trust and Critical Infrastructure (NDC TechTown 2019)
Elections: Trust and Critical Infrastructure (NDC TechTown 2019)Elections: Trust and Critical Infrastructure (NDC TechTown 2019)
Elections: Trust and Critical Infrastructure (NDC TechTown 2019)
 
Elections, Trust and Critical Infrastructure (NDC TechTown)
Elections, Trust and Critical Infrastructure (NDC TechTown)Elections, Trust and Critical Infrastructure (NDC TechTown)
Elections, Trust and Critical Infrastructure (NDC TechTown)
 
Survival Tips for Women in Tech (JavaZone 2019)
Survival Tips for Women in Tech (JavaZone 2019) Survival Tips for Women in Tech (JavaZone 2019)
Survival Tips for Women in Tech (JavaZone 2019)
 
Embedded Ethics (EuroBSDcon 2019)
Embedded Ethics (EuroBSDcon 2019)Embedded Ethics (EuroBSDcon 2019)
Embedded Ethics (EuroBSDcon 2019)
 
Keynote: Deconstructing Privilege (C++ on Sea 2019)
Keynote: Deconstructing Privilege (C++ on Sea 2019)Keynote: Deconstructing Privilege (C++ on Sea 2019)
Keynote: Deconstructing Privilege (C++ on Sea 2019)
 
Make it Fixable (NDC Copenhagen 2018)
Make it Fixable (NDC Copenhagen 2018)Make it Fixable (NDC Copenhagen 2018)
Make it Fixable (NDC Copenhagen 2018)
 
Why Is Election Security So Hard? (Paranoia 2019)
Why Is Election Security So Hard? (Paranoia 2019) Why Is Election Security So Hard? (Paranoia 2019)
Why Is Election Security So Hard? (Paranoia 2019)
 
6 DevSecOps Hacks (femtech 2019)
6 DevSecOps Hacks (femtech 2019)6 DevSecOps Hacks (femtech 2019)
6 DevSecOps Hacks (femtech 2019)
 

Recently uploaded

De mooiste recreatieve routes ontdekken met RouteYou en FME
De mooiste recreatieve routes ontdekken met RouteYou en FMEDe mooiste recreatieve routes ontdekken met RouteYou en FME
De mooiste recreatieve routes ontdekken met RouteYou en FME
Jelle | Nordend
 
First Steps with Globus Compute Multi-User Endpoints
First Steps with Globus Compute Multi-User EndpointsFirst Steps with Globus Compute Multi-User Endpoints
First Steps with Globus Compute Multi-User Endpoints
Globus
 
How Recreation Management Software Can Streamline Your Operations.pptx
How Recreation Management Software Can Streamline Your Operations.pptxHow Recreation Management Software Can Streamline Your Operations.pptx
How Recreation Management Software Can Streamline Your Operations.pptx
wottaspaceseo
 
Corporate Management | Session 3 of 3 | Tendenci AMS
Corporate Management | Session 3 of 3 | Tendenci AMSCorporate Management | Session 3 of 3 | Tendenci AMS
Corporate Management | Session 3 of 3 | Tendenci AMS
Tendenci - The Open Source AMS (Association Management Software)
 
2024 RoOUG Security model for the cloud.pptx
2024 RoOUG Security model for the cloud.pptx2024 RoOUG Security model for the cloud.pptx
2024 RoOUG Security model for the cloud.pptx
Georgi Kodinov
 
Software Testing Exam imp Ques Notes.pdf
Software Testing Exam imp Ques Notes.pdfSoftware Testing Exam imp Ques Notes.pdf
Software Testing Exam imp Ques Notes.pdf
MayankTawar1
 
Agnieszka Andrzejewska - BIM School Course in Kraków
Agnieszka Andrzejewska - BIM School Course in KrakówAgnieszka Andrzejewska - BIM School Course in Kraków
Agnieszka Andrzejewska - BIM School Course in Kraków
bim.edu.pl
 
Cyaniclab : Software Development Agency Portfolio.pdf
Cyaniclab : Software Development Agency Portfolio.pdfCyaniclab : Software Development Agency Portfolio.pdf
Cyaniclab : Software Development Agency Portfolio.pdf
Cyanic lab
 
Climate Science Flows: Enabling Petabyte-Scale Climate Analysis with the Eart...
Climate Science Flows: Enabling Petabyte-Scale Climate Analysis with the Eart...Climate Science Flows: Enabling Petabyte-Scale Climate Analysis with the Eart...
Climate Science Flows: Enabling Petabyte-Scale Climate Analysis with the Eart...
Globus
 
Multiple Your Crypto Portfolio with the Innovative Features of Advanced Crypt...
Multiple Your Crypto Portfolio with the Innovative Features of Advanced Crypt...Multiple Your Crypto Portfolio with the Innovative Features of Advanced Crypt...
Multiple Your Crypto Portfolio with the Innovative Features of Advanced Crypt...
Hivelance Technology
 
Globus Compute Introduction - GlobusWorld 2024
Globus Compute Introduction - GlobusWorld 2024Globus Compute Introduction - GlobusWorld 2024
Globus Compute Introduction - GlobusWorld 2024
Globus
 
Into the Box 2024 - Keynote Day 2 Slides.pdf
Into the Box 2024 - Keynote Day 2 Slides.pdfInto the Box 2024 - Keynote Day 2 Slides.pdf
Into the Box 2024 - Keynote Day 2 Slides.pdf
Ortus Solutions, Corp
 
Beyond Event Sourcing - Embracing CRUD for Wix Platform - Java.IL
Beyond Event Sourcing - Embracing CRUD for Wix Platform - Java.ILBeyond Event Sourcing - Embracing CRUD for Wix Platform - Java.IL
Beyond Event Sourcing - Embracing CRUD for Wix Platform - Java.IL
Natan Silnitsky
 
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital TransformationWSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2
 
OpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoam
OpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoamOpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoam
OpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoam
takuyayamamoto1800
 
Vitthal Shirke Microservices Resume Montevideo
Vitthal Shirke Microservices Resume MontevideoVitthal Shirke Microservices Resume Montevideo
Vitthal Shirke Microservices Resume Montevideo
Vitthal Shirke
 
SOCRadar Research Team: Latest Activities of IntelBroker
SOCRadar Research Team: Latest Activities of IntelBrokerSOCRadar Research Team: Latest Activities of IntelBroker
SOCRadar Research Team: Latest Activities of IntelBroker
SOCRadar
 
Dominate Social Media with TubeTrivia AI’s Addictive Quiz Videos.pdf
Dominate Social Media with TubeTrivia AI’s Addictive Quiz Videos.pdfDominate Social Media with TubeTrivia AI’s Addictive Quiz Videos.pdf
Dominate Social Media with TubeTrivia AI’s Addictive Quiz Videos.pdf
AMB-Review
 
How to Position Your Globus Data Portal for Success Ten Good Practices
How to Position Your Globus Data Portal for Success Ten Good PracticesHow to Position Your Globus Data Portal for Success Ten Good Practices
How to Position Your Globus Data Portal for Success Ten Good Practices
Globus
 
Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...
Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...
Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...
Globus
 

Recently uploaded (20)

De mooiste recreatieve routes ontdekken met RouteYou en FME
De mooiste recreatieve routes ontdekken met RouteYou en FMEDe mooiste recreatieve routes ontdekken met RouteYou en FME
De mooiste recreatieve routes ontdekken met RouteYou en FME
 
First Steps with Globus Compute Multi-User Endpoints
First Steps with Globus Compute Multi-User EndpointsFirst Steps with Globus Compute Multi-User Endpoints
First Steps with Globus Compute Multi-User Endpoints
 
How Recreation Management Software Can Streamline Your Operations.pptx
How Recreation Management Software Can Streamline Your Operations.pptxHow Recreation Management Software Can Streamline Your Operations.pptx
How Recreation Management Software Can Streamline Your Operations.pptx
 
Corporate Management | Session 3 of 3 | Tendenci AMS
Corporate Management | Session 3 of 3 | Tendenci AMSCorporate Management | Session 3 of 3 | Tendenci AMS
Corporate Management | Session 3 of 3 | Tendenci AMS
 
2024 RoOUG Security model for the cloud.pptx
2024 RoOUG Security model for the cloud.pptx2024 RoOUG Security model for the cloud.pptx
2024 RoOUG Security model for the cloud.pptx
 
Software Testing Exam imp Ques Notes.pdf
Software Testing Exam imp Ques Notes.pdfSoftware Testing Exam imp Ques Notes.pdf
Software Testing Exam imp Ques Notes.pdf
 
Agnieszka Andrzejewska - BIM School Course in Kraków
Agnieszka Andrzejewska - BIM School Course in KrakówAgnieszka Andrzejewska - BIM School Course in Kraków
Agnieszka Andrzejewska - BIM School Course in Kraków
 
Cyaniclab : Software Development Agency Portfolio.pdf
Cyaniclab : Software Development Agency Portfolio.pdfCyaniclab : Software Development Agency Portfolio.pdf
Cyaniclab : Software Development Agency Portfolio.pdf
 
Climate Science Flows: Enabling Petabyte-Scale Climate Analysis with the Eart...
Climate Science Flows: Enabling Petabyte-Scale Climate Analysis with the Eart...Climate Science Flows: Enabling Petabyte-Scale Climate Analysis with the Eart...
Climate Science Flows: Enabling Petabyte-Scale Climate Analysis with the Eart...
 
Multiple Your Crypto Portfolio with the Innovative Features of Advanced Crypt...
Multiple Your Crypto Portfolio with the Innovative Features of Advanced Crypt...Multiple Your Crypto Portfolio with the Innovative Features of Advanced Crypt...
Multiple Your Crypto Portfolio with the Innovative Features of Advanced Crypt...
 
Globus Compute Introduction - GlobusWorld 2024
Globus Compute Introduction - GlobusWorld 2024Globus Compute Introduction - GlobusWorld 2024
Globus Compute Introduction - GlobusWorld 2024
 
Into the Box 2024 - Keynote Day 2 Slides.pdf
Into the Box 2024 - Keynote Day 2 Slides.pdfInto the Box 2024 - Keynote Day 2 Slides.pdf
Into the Box 2024 - Keynote Day 2 Slides.pdf
 
Beyond Event Sourcing - Embracing CRUD for Wix Platform - Java.IL
Beyond Event Sourcing - Embracing CRUD for Wix Platform - Java.ILBeyond Event Sourcing - Embracing CRUD for Wix Platform - Java.IL
Beyond Event Sourcing - Embracing CRUD for Wix Platform - Java.IL
 
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital TransformationWSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
 
OpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoam
OpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoamOpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoam
OpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoam
 
Vitthal Shirke Microservices Resume Montevideo
Vitthal Shirke Microservices Resume MontevideoVitthal Shirke Microservices Resume Montevideo
Vitthal Shirke Microservices Resume Montevideo
 
SOCRadar Research Team: Latest Activities of IntelBroker
SOCRadar Research Team: Latest Activities of IntelBrokerSOCRadar Research Team: Latest Activities of IntelBroker
SOCRadar Research Team: Latest Activities of IntelBroker
 
Dominate Social Media with TubeTrivia AI’s Addictive Quiz Videos.pdf
Dominate Social Media with TubeTrivia AI’s Addictive Quiz Videos.pdfDominate Social Media with TubeTrivia AI’s Addictive Quiz Videos.pdf
Dominate Social Media with TubeTrivia AI’s Addictive Quiz Videos.pdf
 
How to Position Your Globus Data Portal for Success Ten Good Practices
How to Position Your Globus Data Portal for Success Ten Good PracticesHow to Position Your Globus Data Portal for Success Ten Good Practices
How to Position Your Globus Data Portal for Success Ten Good Practices
 
Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...
Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...
Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...
 

Secure Programming Practices in C++ (NDC Oslo 2018)

  • 2. Secure Programming Practices in C++ @pati_gallardo Patricia Aas NDC { Oslo } 2018
  • 3. Patricia Aas - Vivaldi Browser Programmer - mainly in C++ Currently : Vivaldi Technologies Previously : Cisco Systems, Knowit, Opera Software Master in Computer Science Twitter : @pati_gallardo Photos: pixabay.com - CC0
  • 4. Bjarne Stroustrup “C makes it easy to shoot yourself in the foot; C++ makes it harder, but when you do it blows your whole leg off.” @pati_gallardo
  • 5. Bjarne Stroustrup “Within C++, there is a much smaller and cleaner language struggling to get out.” @pati_gallardo
  • 6. What specs exist? Undefined Behavior Compiler Optimizations Exploitability Take your vitamins The Eight I'd Really Rather You Didn'ts @pati_gallardo
  • 8. CG: C++ Core Guidelines (328 pages!) @pati_gallardo
  • 9. C++ Core Guidelines “The C++ Core Guidelines are a collaborative effort led by Bjarne Stroustrup, much like the C++ language itself.” https://github.com/isocpp/CppCoreGuidelines/blob/master/README.md @pati_gallardo
  • 10. @pati_gallardo SEI: CERT C++ Coding Standard (435 pages!)
  • 11. SEI CERT C Coding Standard “The SEI CERT C [and C++] Coding Standard is a software coding standard for the C [and C++] programming language, developed by the CERT Coordination Center to improve the safety, reliability, and security of software systems.” https://en.wikipedia.org/wiki/CERT_C_Coding_Standard @pati_gallardo
  • 12. CWE : Common Weakness Enumeration (1572 pages!) @pati_gallardo
  • 13. Common Weakness Enumeration (CWE) “The Common Weakness Enumeration (CWE) is a category system for software weaknesses and vulnerabilities. It is sustained by a community project with the goals of understanding flaws in software and creating automated tools that can be used to identify, fix, and prevent those flaws.” https://en.wikipedia.org/wiki/Common_Weakness_Enumeration @pati_gallardo
  • 14. What specs exist? Undefined Behavior Compiler Optimizations Exploitability Take your vitamins The Eight I'd Really Rather You Didn'ts @pati_gallardo
  • 16. undefined behavior “Examples of undefined behavior are memory accesses outside of array bounds, signed integer overflow, null pointer dereference, modification of the same scalar more than once in an expression without sequence points, access to an object through a pointer of a different type, etc. Compilers are not required to diagnose undefined behavior (although many simple situations are diagnosed), and the compiled program is not required to do anything meaningful.” http://en.cppreference.com/w/cpp/language/ub @pati_gallardo
  • 17. - Don’t reason about undefined behaviour - Assume that it crashes or is never executed - Changing compiler, compiler version or optimization level can break your application Undefined Behaviour
  • 18. Infinite Loop (Undefined Behavior) #include <iostream> #include <complex> using namespace std; int main(void) { complex<int> delta; complex<int> mc[4] = {0}; for(int di = 0; di < 4; di++, delta = mc[di]) { cout << di << endl; } } @pati_gallardo (Thanks to @shafikyaghmour) https://stackoverflow.com/questions/32506643/c-compilation-bug Undefined Behavior!
  • 19. Infinite Loop (Undefined Behavior) Should we Godbolt this? https://godbolt.org/g/TDjM8h @pati_gallardo (Thanks to @shafikyaghmour) https://stackoverflow.com/questions/32506643/c-compilation-bug
  • 20. What specs exist? Undefined Behavior Compiler Optimizations Exploitability Take your vitamins The Eight I'd Really Rather You Didn'ts @pati_gallardo
  • 22. @pati_gallardo The Case Of The Disappearing Memset
  • 23. 0) CWE-14: Compiler Removal of Code to Clear Buffers void GetData(char *MFAddr) { char pwd[64]; if (GetPasswordFromUser(pwd, sizeof(pwd))) { if (ConnectToMainframe(MFAddr, pwd)) { // Interaction with mainframe } } memset(pwd, 0, sizeof(pwd)); // <- Removed by the optimizer } @pati_gallardo SEI: MSC06-C. Beware of compiler optimizations SEI: MEM03-C. Clear sensitive information stored in reusable resources
  • 24. 0) CWE-14: Compiler Removal of Code to Clear Buffers Should we Godbolt this? https://godbolt.org/g/FpEsht @pati_gallardo SEI: MSC06-C. Beware of compiler optimizations SEI: MEM03-C. Clear sensitive information stored in reusable resources
  • 25. Memset_s : Zeroing Memory // Compliant Solution (C11) memset_s(pwd, 0, sizeof(pwd)); // Windows Solution SecureZeroMemory(pwd, sizeof(pwd)); @pati_gallardo SEI: MSC06-C. Beware of compiler optimizations SEI: MEM03-C. Clear sensitive information stored in reusable resources
  • 26. What specs exist? Undefined Behavior Compiler Optimizations Exploitability Take your vitamins The Eight I'd Really Rather You Didn'ts @pati_gallardo
  • 28. 1. Unsigned Integer Wraparound 2. Signed Integer Overflow 3. Numeric Truncation 4. Stack Buffer Overflow 5. Heap Buffer Overflow 6. Buffer Underflow 7. Use After Free 8. Double Free 9. Incorrect Type Conversion 10. Uncontrolled Format String @pati_gallardo
  • 29. Code is on GitHub: https://github.com/patricia-gallardo/insecure-coding-examples Disclaimer: The concat buffer examples aren’t really fair because if you did concatenation of strings in this way you would have to take into consideration 0 termination of strings and that doesn’t fit on a slide, so... sigh @pati_gallardo
  • 30. 1) Unsigned Integer Wraparound 2) Signed Integer Overflow 3) Numeric Truncation Error
  • 31. 1) CWE-190: Unsigned Integer Wraparound int main(void) { unsigned int first_len = UINT_MAX; unsigned int second_len = 256; unsigned int buf_len = 256; char first[first_len], second[second_len], buf[buf_len]; if((first_len + second_len) <= 256) { // <- sum == 255 memcpy(buf, first, first_len); memcpy(buf + first_len, second, second_len); } } @pati_gallardo SEI-INT30-C. Ensure that unsigned integer operations do not wrap
  • 32. 2) CWE-190: Signed Integer Overflow int main(void) { int first_len = INT_MAX; int second_len = 256; int buf_len = 256; char first[first_len], second[second_len], buf[buf_len]; if((first_len + second_len) <= 256) { // <- UB (negative) memcpy(buf, first, first_len); memcpy(buf + first_len, second, second_len); } } @pati_gallardo SEI-INT32-C. Ensure that operations on signed integers do not result in
  • 33. 3) CWE-197: Numeric Truncation Error int main(void) { unsigned int first_len = UINT_MAX - 256; unsigned int second_len = 256; unsigned int buf_len = 256; char first[first_len], second[second_len], buf[buf_len]; int new_len = (first_len+second_len); // <- IDB (negative) if(new_len <= 256) { memcpy(buf, first, first_len); memcpy(buf + first_len, second, second_len); } } @pati_gallardo SEI-INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data
  • 34. 4) Stack-based Buffer Overflow 5) Heap-based Buffer Overflow 6) Buffer Underwrite/Underflow
  • 35. 4) CWE-121: Stack-based Buffer Overflow @pati_gallardo int main(void) { char buffer[10]; // CWE-242 : Inherently Dangerous Function gets(buffer); // <- Write outside } SEI-STR31-C. Guarantee that storage for strings has sufficient space for character data and the null terminator
  • 36. 5) CWE-122: Heap-based Buffer Overflow int main(int argc, char * argv[]) { char* buf = (char*) malloc(sizeof(char)*10); strcpy(buf, argv[1]); // <- Write outside free(buf); } @pati_gallardo SEI-ARR38-C. Guarantee that library functions do not form invalid pointers
  • 37. 6) CWE-124: Buffer Underwrite / Underflow int main(void) { char src[12]; strcpy(src, "Hello World"); size_t length = strlen(src); int index = (length -1); while (src[index] != ':') { src[index] = '0'; index--; } } @pati_gallardo SEI-ARR30-C. Do not form or use out-of-bounds pointers or array subscripts
  • 38. 7) Use After Free 8) Double Free
  • 39. 7) CWE-416: Use After Free @pati_gallardo int main(void) { char* buffer = (char*)malloc (256); bool error = true; if (error) free(buffer); // [...] if (error) printf("%lun", strlen(buffer)); //<- Use after free } SEI-MEM30-C. Do not access freed memory
  • 40. 8) CWE-415: Double Free @pati_gallardo int main(void) { char* buffer = (char*)malloc (256); bool error = true; if (error) free(buffer); // [...] free(buffer); // second free } SEI-MEM51-CPP. Properly deallocate dynamically allocated resources
  • 41. 9) Incorrect Type Conversion/Cast 10) Use of External Format String
  • 42. 9) CWE-704: Incorrect Type Conversion/Cast @pati_gallardo struct A {}; struct B {}; int main(void) { struct A * a = (struct A *) malloc (sizeof (struct A)); struct B * b = (struct B *) a; // cast to unrelated type } SEI-EXP05-CPP. Do not use C-style casts
  • 43. 10) CWE-134: Use of External Format String @pati_gallardo int main(int argc, char * argv[]) { char * format = argv[1]; char * str = argv[2]; printf(format, str); } $ ./format_string "%s %d" "Hello World" Hello World 1745066888 SEI-FIO47-C. Use valid format strings
  • 44. What specs exist? Undefined Behavior Compiler Optimizations Exploitability Take your vitamins The Eight I'd Really Rather You Didn'ts @pati_gallardo
  • 46. Classes of Tools - Several compilers - Warnings / Errors - Instrumentation - Static Analysis - Automated Tests - Fuzzing - Continuous Integration - Libraries @pati_gallardo
  • 47. What specs exist? Undefined Behavior Compiler Optimizations Exploitability Take your vitamins The Eight I'd Really Rather You Didn'ts @pati_gallardo
  • 48. The Eight I'd Really Rather You Didn'ts* *The Eight Condiments (Pastafarianism) @pati_gallardo
  • 49. Caution: Don’t take me too seriously. But seriously, think about it! *wink* @pati_gallardo
  • 50. The Eight I'd Really Rather You Didn'ts 1. Use C 2. Allocate with new 3. Do math a lot 4. Trust your external input 5. Use pointers a lot 6. Write “clever” code 7. Use shared_ptr a lot 8. Use share state a lot @pati_gallardo
  • 51. 1. I'd Really Rather You Didn't: Use C @pati_gallardo CG : CPL.1: Prefer C++ to C
  • 52. Std::string - Concatenate Strings int main() { std::string first = "Hello "; std::string second = "World"; std::string buffer = first + second; std::cout << buffer << "n"; } @pati_gallardo
  • 53. Std::cout/cin : Using the Command Line int main(int argc, char * argv[]) { std::string second; std::cin >> second; std::string first = argv[1]; std::string buffer = first + second; std::cout << buffer << "n"; } $ ./command_line "Hello " World Hello World @pati_gallardo
  • 54. Algorithms : Strip after Colon int main() { string str = "Hello:World"; auto isColon = [](int ch) { return ch == ':'; }; auto first = find_if(rbegin(str), rend(str), isColon); str.erase(first.base(), end(str)); } @pati_gallardo
  • 55. C++ Casts : Safe Downcasting class Spiderman {}; class Ironman {}; int main() { Spiderman * peter = new Spiderman; Ironman * tony = static_cast<Ironman*>(peter); } inheritance.cpp:6:20: error: static_cast from 'Spiderman *' to 'Ironman *', which are not related by inheritance, is not allowed Ironman * tony = static_cast<Ironman*>(peter); ^~~~~~~~~~~~~~~~~~~~~~~~~~~~ 1 error generated. @pati_gallardo
  • 56. @pati_gallardo CG : R: Resource management CG : R.11: Avoid calling new and delete explicitly 2. I'd Really Rather You Didn't: Allocate With New
  • 57. Allocating on the Stack #include "Hero.h" int main() { Hero h; } @pati_gallardo
  • 58. Where is it? Stack Hero stackHero; Heap unique_ptr<Hero> heapHero = make_unique<Hero>(); Hero * heapHero = new Hero(); @pati_gallardo
  • 59. Loving the Stack #include <iostream> #include <string> using namespace std; int main() { { string s("Hello World!"); cout << s; } // <- GC happens here! } @pati_gallardo
  • 60. Using the Stack To Manage Resource Lifetimes Destroyed when exiting scope Deterministic Garbage Collection @pati_gallardo
  • 61. Hold a Value on the Stack that Controls The Lifetime of Your Heap Allocated Object using namespace std; { unique_ptr<Hero> myHero = make_unique<Hero>(); shared_ptr<Hero> ourHero = make_shared<Hero>(); } Smart Pointers @pati_gallardo
  • 62. @pati_gallardo 3. I'd Really Rather You Didn't: Do Math A Lot
  • 63. Primitive types have no semantics, only limits Reduce the value space Keep it within defined behavior Enum class, string literals, user defined literals, size_t @pati_gallardo
  • 64. Enum Class @pati_gallardo enum class Direction : char { NORTH = 'N', EAST = 'E', WEST = 'W', SOUTH = 'S' }; std::ostream& operator << (std::ostream& os, const Direction& obj) { os << static_cast<std::underlying_type<Direction>::type>(obj); return os; } int main() { std::cout << "t" << Direction::NORTH << "n" << "t" << Direction::EAST << "n" << "t" << Direction::WEST << "n" << "t" << Direction::SOUTH << "n"; }
  • 65. String Literals @pati_gallardo using namespace std::literals::string_literals; int main() { auto heroes = {"Spiderman"s, "Ironman"s, "Wonder Woman"s}; for(auto const & hero : heroes) { std::cout << "t" << hero << "n"; } }
  • 66. 1) User Defined Literals @pati_gallardo int main() { auto h = 24_hours; auto d = 7_days; auto err = h + d; } user_defined_literals.cpp:25:21: error: invalid operands to binary expression ('Hours' and 'Days') auto err = hours + days; ~~~~~ ^ ~~~~ 1 error generated.
  • 67. 2) User Defined Literals @pati_gallardo struct Hours { explicit Hours(unsigned long long n) : num(n) {} unsigned long long num = 0; }; struct Days { explicit Days(unsigned long long n) : num(n) {} unsigned long long num = 0; };
  • 68. 3) User Defined Literals @pati_gallardo Hours operator "" _hours(unsigned long long num) { return Hours(num); } Days operator "" _days(unsigned long long num) { return Days(num); }
  • 69. Use Size_t for Sizes - Unsigned integer type - Result of the sizeof operator - Use for object sizes - Use for array indexing and loop counting @pati_gallardo
  • 70. @pati_gallardo 4. I'd Really Rather You Didn't: Trust Your External Input
  • 71. Taint - Is the source of this value in your code? - Command line args, size fields in headers, exported functions, APIs @pati_gallardo
  • 72. 5. I'd Really Rather You Didn't: Use Pointers a Lot @pati_gallardo
  • 73. @pati_gallardo 6. I'd Really Rather You Didn't: Write “clever” code
  • 74. 7. I'd Really Rather You Didn't: Use shared_ptr a Lot @pati_gallardo
  • 75. 8. I'd Really Rather You Didn't: Share State a Lot @pati_gallardo
  • 76. So… what should I remember from this presentation? @pati_gallardo
  • 77. Well, I'd Really Rather You Didn't: Use C @pati_gallardo
  • 78. Learn some Modern C++ Instead! @pati_gallardo