Advanced Security

Defending C

Course Learning Objectives

  • Learn how C and C++ vulnerabilities occur in desktop software.
  • Discover buffer overflows and the dangers of pointers, memory management and more.
  • Understand how to code securely in C while learning about the common pitfalls of programming in the C language.


Understand the vulnerabilities that arise in desktop software written in C/C++. Students will learn about safe memory management, insecure functions and how to defend against buffer overflows in unmanaged languages.


C++ developers / C++ architects

Time Required

60 minutes total

Course Outline

  1. Memory organization
    • Memory space layout
    • Environment
    • Argument
    • Stack
    • Function call examples
    • Heap
    • .bss/.data/.text
  2. Pointers
    • Pointer arithmetic
    • Bad pointer arithmetic examples
    • Loop
    • Off by one
    • Excessive increment
    • Vulnerabilities prevention
    • Buffer overflows
    • Buffer overflow examples
    • Data manipulation
    • Escalation of privileges
    • Denial of service
    • Arbitrary code execution
    • Step-by-step demo
    • Buffer overflow impact and causes
    • Buffer overflow prevention
  3. Format strings
    • Printf examples
    • Conversion specifiers
    • Format string vulnerability examples
    • Format string causes
    • Format string defense
  4. System calls
    • System call examples
    • Performance problems
    • Reliability problems
    • Security problems
    • System call issue prevention techniques
