Software Vulnerabilities in C and C++
CppCon 2018
Patricia Aas, 26 September 2018
What does a vulnerability using signed integer overflow look like? Or a stack buffer overflow? How does code like this look and how can we change the way we program to reduce our risk? The first half of this talk will show examples of many different vulnerabilities and describe how these are combined to make the first steps of an exploit. Then we will discuss what kind of programming practices we can employ to reduce the chances of these kinds of bugs creeping into our code.