Secure Coding in C and C++

Second Edition

Copyright © 2013 Pearson Education, Inc.

ISBN-10: 0321822137

ISBN-13: 9780321822130

Warning and Disclaimer

Every effort has been made to make this book as complete and as accurate as possible, but no warranty or fitness is implied. The information provided is on an "as is" basis. The author and the publisher shall have neither liability nor responsibility to any person or entity with respect to any loss or damages arising from the information contained in this book or from the use of the CD or programs accompanying it.

When reviewing corrections, always check the print number of your book. Corrections are made to printed books with each subsequent printing.

Corrections for all Printings

|Pg |Error |Correction |
|42 |Example 2.1 Reading fromstdin() |Example 2.1 Reading from stdin |
|43 |Reading data from unbounded sources (such as stdin()) creates an interesting problem for a programmer |Reading data from unbounded sources (such as stdin) creates an interesting problem for a programmer. |
|46 |The extraction operation can be limited to a specified number of characters (thereby avoiding the possibility of an out-of-bounds write) if the field width inherited member (ios_base::width) is set to a value greater than 0. In this case, the extraction ends one character before the count of characters extracted reaches the value of field width, leaving space for the ending null character. After a call to this extraction operation, the value of the field width is reset to 0. |This paragraph is duplicative and should be removed. |
|63 |Return Addr Caller —main 4 bytes) "W>*!" (return to line 6 was line 3) |Return Addr Caller —main (4 bytes) "j>∗!" (return to line 6 was line 3) |
|65 |cd 50 |cd 80 |
|66 |int $0x50 |int $0x80 |
|68 |int $80 |int $0x80 |
|91 |Example 2.15 shows the Open Watcom implementation of the strcp_s() function. The runtime-constraint error checks are followed by comments. |Example 2.14 shows the Open Watcom implementation of the strcp_s() function. The runtime-constraint error checks are followed by comments. |
|92 |However, the destination string is set to the null string and a nonzero value is returned if either the source or destination pointer is NULL or if the maximum length of the destination buffer is equal to 0 or greater than RSIZE_MAX. |The strcat_s() function returns 0 on success. A runtime-constraint violation occurs if the source or destination string is a null pointer, copying takes place between overlapping objects, the maximum length of the destination buffer is equal to 0 or greater than RSIZE_MAX, the destination string is not properly null-terminated, or there is insufficient space remaining in the destination string to copy the source string. If there is a runtime-constraint violation, and the destination string is not a null pointer and the maximum length of the destination buffer is equal to 0 or greater than RSIZE_MAX, then the destination string is set to the null string. |
|115 |memcpy_s(pBuff, 4096); |memcpy_s(pBuff, ...); |
|122 |2. For a loop limited by upper bound, a loop limited by Hi, or a loop limited by null terminator, the buffer must be at a lower memory address than the target function or object pointer. For a loop limited by lower bound or a loop limited by Lo, the buffer must be at a lower memory address than the target function or object pointer. |2. For a loop limited by upper bound, a loop limited by Hi, or a loop limited by null terminator, the buffer must be at a lower memory address than the target function or object pointer. For a loop limited by lower bound or a loop limited by Lo, the buffer must be at a higher memory address than the target function or object pointer. |
|183 |Size of last 4 bytes or prev (occur 3 times) |Size or last 4 bytes of foregoing |
|185 |There are, however, well-known techniques that are not difficult to adapt to exploit common programming flaws in dynamic memory management. Buffer overflows, for example, can be used to corrupt data structures used by the memory manager to execute arbitrary code. Both the unlink and frontlink techniques described in this section can be used for this purpose. |There are, however, well-known techniques that are not difficult to adapt to exploit common programming flaws in dynamic memory management. Buffer overflows, for example, can be used to corrupt data structures used by the memory manager to execute arbitrary code. Both the unlink technique and the frontlink technique described in the next section can be used for this purpose. |
|253 |For example, for an implementation in which the width of int is greater than the width of short, the following code has implementation-defined behavior or may raise an implementation-defined signal: |For example, for an implementation in which the width of long int is greater than the width of signed char, the following code has implementation-defined behavior or may raise an implementation-defined signal: |
|253 |The following code can be used, for example, to convert from a signed int to a signed char: |The following code can be used, for example, to convert from a signed long int to a signed char: |
|255 |Table 5.9, Row for “char to unsigned long” conversion, Method column: Sign-extend to unsigned long; convert long to unsigned long |Table 5.9, Row for “char to unsigned long” conversion, Method column: Sign-extend to long; convert long to unsigned long |
|255 |Table 5.9, From column in all four instances: char |Table 5.9, From column in all four instances: signed char |
|227 |C requires that unsigned integer types represent values using a pure binary system with no offset. This means that the value of the binary number is [pic] |C requires that unsigned integer types represent values using a pure binary system with no offset. This means that the value of the binary number is [pic] |
|270 |[pic] |[pic] |
|288 |table[pos] = value; is equivalent to (table + (pos * sizeof(int))) = value; |table[pos] = value; is equivalent to *(int *)((char *)table + (pos * sizeof(int))) = value |
|365 |If the platform were to write a 16-bit short int, it might do so by writing first the upper 8 bits in one instruction and then the lower 8 bits in a second instruction. If two threads simultaneously perform a write to the same short int, it might receive the lower 8 bytes from one thread but the upper 8 bytes from the other thread. |If the platform were to write a 16-bit short int, it might do so by writing first the upper 8 bits in one instruction and then the lower 8 bits in a second instruction. If two threads simultaneously perform a write to the same short int, it might receive the lower 8 bits from one thread but the upper 8 bits from the other thread. |
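The page 92 correction lists the runtime constraints that strcat_s() must enforce. The following is an added example, written for this errata page and not taken from the book or from the Open Watcom implementation it references, of a strcat_s() that checks every one of those constraints: null arguments, s1max out of range, an unterminated destination, insufficient space, and overlapping objects. The name my_strcat_s, the value chosen for RSIZE_MAX and the message-recording constraint handler are assumptions made for the example. On a violation it nulls the destination only when s1 is non-null and s1max is nonzero and not greater than RSIZE_MAX, which is the C11 Annex K rule (the last sentence of the printed correction states that condition the other way round, which would write into a zero-length or oversized buffer).

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Annex K names. RSIZE_MAX is implementation-defined; this value is an
 * assumption made for the example. */
typedef size_t rsize_t;
typedef int errno_t;
#define RSIZE_MAX (SIZE_MAX >> 1)

/* Stand-in for the installable Annex K constraint handler: it only records
 * the message so a caller can see why the call was refused. */
static const char *last_violation = NULL;
static void constraint_handler(const char *msg) { last_violation = msg; }

/* Appends s2 to the string in s1, whose buffer holds s1max characters.
 * Returns 0 on success. On a runtime-constraint violation it calls the
 * handler, sets s1 to the null string when s1 is usable, and returns
 * nonzero. */
errno_t my_strcat_s(char *s1, rsize_t s1max, const char *s2)
{
    rsize_t len1 = 0, space, n;
    uintptr_t a, b;

    if (s1 == NULL || s2 == NULL) {
        constraint_handler("null pointer argument");
        goto violation;
    }
    if (s1max == 0 || s1max > RSIZE_MAX) {
        constraint_handler("s1max is 0 or greater than RSIZE_MAX");
        goto violation;
    }
    /* s1 must be null-terminated within its first s1max characters */
    while (len1 < s1max && s1[len1] != '\0')
        len1++;
    if (len1 == s1max) {
        constraint_handler("s1 is not null-terminated");
        goto violation;
    }
    /* room left after the existing string, terminator included */
    space = s1max - len1;
    /* s2 plus its terminator must fit in that room; never read s2 past
     * the first `space` characters while finding out */
    for (n = 0; n < space && s2[n] != '\0'; n++)
        ;
    if (n == space) {
        constraint_handler("insufficient space in s1");
        goto violation;
    }
    /* the bytes read from s2 and the s1 object must not overlap */
    a = (uintptr_t)s1;
    b = (uintptr_t)s2;
    if (b < a + len1 + n + 1 && a < b + n + 1) {
        constraint_handler("source and destination overlap");
        goto violation;
    }
    memcpy(s1 + len1, s2, n + 1);   /* n + 1 copies s2's terminator too */
    return 0;

violation:
    /* Annex K: null s1 only when there is a writable first character */
    if (s1 != NULL && s1max != 0 && s1max <= RSIZE_MAX)
        s1[0] = '\0';
    return EINVAL;
}

int main(void)
{
    char buf[16] = "hello";     /* constructed sample: enough room */
    char small[11] = "hello";   /* constructed sample: one byte short */

    printf("%d -> \"%s\"\n", my_strcat_s(buf, sizeof buf, " world"), buf);
    printf("%d -> \"%s\" (%s)\n", my_strcat_s(small, sizeof small, " world"),
           small, last_violation);
    return 0;
}
```

The length scan of s2 is bounded by the remaining space rather than by strlen(), so an unterminated or attacker-controlled source cannot make the check itself read out of bounds; the overlap test compares the whole s1 object against the bytes that will actually be read from s2.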
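The two page 253 corrections and the Table 5.9 corrections on page 255 concern conversions between signed long, signed char and unsigned long. The book's own code for page 253 is not reproduced on this page; the following is an added example, not the book's code, of a range-checked narrowing from signed long to signed char that avoids the implementation-defined behaviour the text warns about, together with the corrected Table 5.9 method for signed char to unsigned long (sign-extend to long, then convert) shown beside the zero-extension path it is easy to write by mistake. The function names are assumptions made for the example.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>

/* Range-checked narrowing from signed long to signed char. Returns true
 * and stores the value only when it is representable; otherwise it leaves
 * *out alone and returns false, so the implementation-defined conversion
 * (or signal) for an out-of-range value never happens. */
bool long_to_schar(long value, signed char *out)
{
    if (value < SCHAR_MIN || value > SCHAR_MAX)
        return false;
    *out = (signed char)value;
    return true;
}

/* The corrected Table 5.9 method: sign-extend the signed char to long,
 * then convert long to unsigned long. C reduces the negative value modulo
 * ULONG_MAX + 1, so -1 becomes ULONG_MAX. */
unsigned long schar_to_ulong(signed char c)
{
    long wide = c;               /* sign extension: -1 stays -1 */
    return (unsigned long)wide;  /* -1 -> ULONG_MAX */
}

/* What zero extension gives instead: going through unsigned char drops
 * the sign, so -1 becomes 255. Shown only for contrast. */
unsigned long schar_to_ulong_zero_extended(signed char c)
{
    return (unsigned long)(unsigned char)c;
}

int main(void)
{
    signed char out = 0;
    long samples[] = {127L, 128L, -129L};   /* constructed sample values */
    size_t i;

    for (i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        if (long_to_schar(samples[i], &out))
            printf("%ld fits: %d\n", samples[i], (int)out);
        else
            printf("%ld does not fit in signed char\n", samples[i]);
    }
    printf("sign-extended: %lu, zero-extended: %lu\n",
           schar_to_ulong(-1), schar_to_ulong_zero_extended(-1));
    return 0;
}
```

Whether 128 "fits" depends only on SCHAR_MAX, so the check is portable; what the raw cast (signed char)128 would produce is what the book calls implementation-defined, and the checked path never performs it.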

This errata sheet is intended to provide updated technical information. Spelling and grammar misprints are updated during the reprint process, but are not listed on this errata sheet.
