Course Code: seccplplcodbesp
Duration: 14 hours
Course Outline:

DAY 1

Quick Start

  • Overview of the course
  • Dissecting a classic buffer overflow example

Introduction to x86_64 assembly

  • How to read
  • Most common opcodes
  • Resources
  • Examples, GDB

The Stack (and the x86 calling convention)

  • Stack organization
  • Buffer Overflows / Stack Smashing
  • Arc injection and related control-flow hijacks
  • Strategies, Safe string handling
  • Exercises
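As an added illustration of the "Buffer Overflows / Stack Smashing" and "Safe string handling" items above (example code written for this outline, not part of the course materials; the 16-byte buffer size and the function names are arbitrary):

```cpp
// Added example: a fixed-size stack buffer filled from untrusted input,
// first with the classic unsafe pattern, then with a bounded copy that
// reports truncation instead of overflowing.
// Build: g++ -std=c++17 -Wall -Wextra -fstack-protector-strong demo.cpp
#include <cstdio>
#include <cstring>
#include <string>

namespace strings {

constexpr std::size_t kNameLen = 16;   // hypothetical fixed buffer size

// UNSAFE: strcpy() has no idea how large 'dst' is. A 'src' longer than
// kNameLen - 1 bytes writes past the buffer into the saved frame pointer
// and return address. Kept for reference; intentionally never called.
void copy_name_unsafe(char* dst, const char* src) {
    std::strcpy(dst, src);
}

// SAFE: the reference-to-array parameter makes the compiler reject any
// argument that is not exactly char[kNameLen], so sizeof(dst) is trustworthy.
// snprintf() writes at most sizeof(dst) bytes and always NUL-terminates;
// its return value is the length the full string would have had, so a
// result >= sizeof(dst) means truncation, which the caller must treat as
// an error instead of silently accepting a chopped value.
bool copy_name_safe(char (&dst)[kNameLen], const char* src) {
    int needed = std::snprintf(dst, sizeof dst, "%s", src);
    return needed >= 0 && static_cast<std::size_t>(needed) < sizeof dst;
}

struct CopyResult {
    bool accepted;        // false if the input did not fit
    std::string stored;   // whatever ended up in the buffer (always NUL-terminated)
};

// Copies one input into a stack buffer and reports what happened.
CopyResult demo(const char* input) {
    char name[kNameLen];
    bool ok = copy_name_safe(name, input);
    return { ok, std::string(name) };
}

}  // namespace strings

int main() {
    auto ok  = strings::demo("alice");
    auto bad = strings::demo("this name is far too long for the buffer");
    std::printf("short input: accepted=%d stored=\"%s\"\n", ok.accepted, ok.stored.c_str());
    std::printf("long input:  accepted=%d stored=\"%s\" (%zu chars kept)\n",
                bad.accepted, bad.stored.c_str(), bad.stored.size());
    return 0;
}
```

The point of the exercise is the return value: truncation must be detected and rejected, otherwise a later consumer that trusts the full length (for example a length field that was read alongside the name) still works with attacker-controlled assumptions.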

Security Mindset

  • Theory and examples

Memory model

  • Linux ELF execution environment
  • Libc and dynamic loader
  • Dynamic Memory Management
  • Heap overflow and related vulnerabilities
  • Mitigation strategies
  • Exercises

Architectural protection

  • Compiler-generated checks
  • Runtime protection
  • W^X
  • PaX
  • Drawbacks, weaknesses
    • Concept through examples: Return Oriented Programming

DAY 2

Integer and Floating point safety

  • Overview of integer and floating-point overflow
  • Signed and unsigned
  • Denormals, NaNs, …
  • Safe Math
  • Patterns to avoid
    • Enums and casts
  • Strategies, Exercise
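As an added illustration of the "Signed and unsigned", "Safe Math" and "Patterns to avoid" items above (example code written for this outline, not part of the course materials; the buffer size, the message layout and the function names are hypothetical):

```cpp
// Added example: two integer bugs that turn an apparently correct bounds
// check into an out-of-bounds access, each next to its fix, plus a
// portable overflow-checked multiply for allocation sizes.
// Build: g++ -std=c++17 -Wall -Wextra -Wconversion -Wsign-compare demo.cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <optional>

namespace intsafe {

constexpr std::size_t kBufSize = 64;   // hypothetical receive buffer
constexpr int kMaxLen = 64;            // hypothetical maximum field length

// BUG 1: unsigned wraparound. 'offset + len' is computed in size_t and
// silently wraps, so offset = SIZE_MAX, len = 1 yields 0 and passes.
bool in_bounds_wraps(std::size_t offset, std::size_t len) {
    return offset + len <= kBufSize;
}

// FIX: order the comparisons so no intermediate can overflow. 'offset' is
// validated first, then 'len' against the room that is actually left.
bool in_bounds_checked(std::size_t offset, std::size_t len) {
    return offset <= kBufSize && len <= kBufSize - offset;
}

// BUG 2: signed check, unsigned use. A length parsed from the wire as int
// is compared against an int constant (signed compare, so -1 passes) and
// then converted to size_t for memcpy, where it becomes a value near
// SIZE_MAX. Returns the byte count memcpy would receive, or nullopt.
std::optional<std::size_t> copy_len_signed_check(int len) {
    if (len > kMaxLen) return std::nullopt;
    return static_cast<std::size_t>(len);
}

// FIX: reject negatives before any conversion (or parse into an unsigned
// type in the first place and never mix signedness).
std::optional<std::size_t> copy_len_fixed(int len) {
    if (len < 0 || len > kMaxLen) return std::nullopt;
    return static_cast<std::size_t>(len);
}

// Safe Math: count * element size without overflow, written portably.
// GCC and Clang also offer __builtin_mul_overflow(a, b, out) for this.
bool checked_mul(std::size_t a, std::size_t b, std::size_t* out) {
    if (a != 0 && b > SIZE_MAX / a) return false;   // would wrap
    *out = a * b;
    return true;
}

}  // namespace intsafe

int main() {
    std::printf("wraps:   offset=SIZE_MAX len=1 -> %d (wrong)\n",
                intsafe::in_bounds_wraps(SIZE_MAX, 1));
    std::printf("checked: offset=SIZE_MAX len=1 -> %d\n",
                intsafe::in_bounds_checked(SIZE_MAX, 1));
    auto bad = intsafe::copy_len_signed_check(-1);
    std::printf("signed check, len=-1 -> memcpy size %zu (wrong)\n", bad ? *bad : 0);
    std::printf("fixed check,  len=-1 -> rejected=%d\n", !intsafe::copy_len_fixed(-1));
    std::size_t n = 0;
    std::printf("checked_mul(1000, 8) -> ok=%d n=%zu\n", intsafe::checked_mul(1000, 8, &n), n);
    return 0;
}
```

Both bugs survive -Wall; only -Wsign-compare / -Wconversion and a deliberate habit of validating in the type the value will be used in catch them.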

Concurrency

  • Concurrency vs Parallelism
  • Multithreading
    • Mutexes, locks and safety
    • Deadlocks and liveness
  • Common errors and vulnerabilities
  • Strategies, Exercise

Performance vs. security tradeoffs

  • Discussion and Examples

Pointer and Exception Handling

  • Data locations and ELF sections
  • Function pointers
  • Virtual table pointers
  • Exceptions and destructors/deallocators
  • Exit and longjmp
  • Strategies
    • Smart pointers
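As an added illustration of the "Exceptions and destructors/deallocators", "Exit and longjmp" and "Smart pointers" items above (example code written for this outline, not part of the course materials; the Resource type and the function names are made up for the demonstration):

```cpp
// Added example: why "raw new, delete at the end of the function" leaks on
// every exceptional exit path, and how RAII through std::unique_ptr fixes
// it. Resource counts its live instances so the leak is observable.
// Build: g++ -std=c++17 -Wall -Wextra demo.cpp
#include <cstdio>
#include <memory>
#include <stdexcept>

namespace raii {

struct Resource {
    inline static int live = 0;     // constructed but not yet destroyed
    Resource()  { ++live; }
    ~Resource() { --live; }
    // Stand-in for any operation that can fail part-way through.
    void use(bool fail) {
        if (fail) throw std::runtime_error("work failed");
    }
};

// LEAKY: if use() throws, control leaves the frame before 'delete' runs.
// An early 'return' has the same effect. exit() and longjmp() are worse:
// they skip destructors of all frames they jump over (longjmp over a
// frame with non-trivial destructors is undefined behaviour in C++).
void process_leaky(bool fail) {
    Resource* r = new Resource;
    r->use(fail);        // may throw
    delete r;
}

// SAFE: ownership lives in a local object whose destructor runs during
// stack unwinding, so the Resource is released on every exit path,
// normal or exceptional, without a try/catch in this function.
void process_raii(bool fail) {
    auto r = std::make_unique<Resource>();
    r->use(fail);        // may throw; unwinding destroys *r
}

// Runs one variant with a failing call, swallows the exception and
// reports how many Resources are still alive afterwards.
template <typename F>
int leaked_after_failure(F fn) {
    Resource::live = 0;
    try {
        fn(true);
    } catch (const std::runtime_error&) {
        // Error handled here; the question is what the callee left behind.
    }
    return Resource::live;
}

int leaked_by_leaky() { return leaked_after_failure(process_leaky); }
int leaked_by_raii()  { return leaked_after_failure(process_raii); }

}  // namespace raii

int main() {
    std::printf("raw new/delete: %d resource(s) leaked after exception\n",
                raii::leaked_by_leaky());
    std::printf("unique_ptr:     %d resource(s) leaked after exception\n",
                raii::leaked_by_raii());
    return 0;
}
```

The same pattern applies to anything with a paired release call (file descriptors, locks, database handles): give it an owning type whose destructor does the release, and the exception, early-return and error-path cases stop needing separate cleanup code.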

Secure I/O

  • File I/O and security
    • Linux specific topics
    • Races
  • Input validation
  • Strategies

Modern C++

  • Move semantics
  • Reference types and qualifiers
  • Security related changes in the C++ standards

Miscellaneous rules for code hygiene

  • CERT standards and resources
  • Preprocessor and macros
  • Variadic functions
  • Syntactic ambiguity
  • Static objects
  • Header files, namespaces
  • Signals

What else? Topics we didn't touch

  • String encodings, Unicode
  • Handling sensitive information
  • Secure communication
  • Practical cryptography
  • Further resources