Artwork

Contenuto fornito da Black Hat Briefings, USA 2007 [Video] Presentations from the security conference.. Tutti i contenuti dei podcast, inclusi episodi, grafica e descrizioni dei podcast, vengono caricati e forniti direttamente da Black Hat Briefings, USA 2007 [Video] Presentations from the security conference. o dal partner della piattaforma podcast. Se ritieni che qualcuno stia utilizzando la tua opera protetta da copyright senza la tua autorizzazione, puoi seguire la procedura descritta qui https://it.player.fm/legal.
Player FM - App Podcast
Vai offline con l'app Player FM !

Mark Dowd, John Mcdonald & Neel Mehta: Breaking C++ Applications

1:15:15
 
Condividi
 

Manage episode 152211985 series 1053194
Contenuto fornito da Black Hat Briefings, USA 2007 [Video] Presentations from the security conference.. Tutti i contenuti dei podcast, inclusi episodi, grafica e descrizioni dei podcast, vengono caricati e forniti direttamente da Black Hat Briefings, USA 2007 [Video] Presentations from the security conference. o dal partner della piattaforma podcast. Se ritieni che qualcuno stia utilizzando la tua opera protetta da copyright senza la tua autorizzazione, puoi seguire la procedura descritta qui https://it.player.fm/legal.
This presentation addresses the stated problem by focusing specifically on C++-based security, and outlines types of vulnerabilities that can exist in C++ applications. It will examine not only the base language, but also covers APIs and auxillary functionality provided by common platforms, primarily the contemporary Windows OSs. The topics that will be addressed in this presentation include object initialization/destruction, handling object arrays, implications of operator overloading, and problems arising from implementing exception handling functionality. Various STL classes will also be discussed in terms of how they might be susceptible to misuse, and unexpected quirks that can manifest as security problems. This presentation will include discussion of bug classes that have yet to be discussed or exploited in a public forum (to our knowledge) for the topic areas outlined.
  continue reading

89 episodi

Artwork
iconCondividi
 
Manage episode 152211985 series 1053194
Contenuto fornito da Black Hat Briefings, USA 2007 [Video] Presentations from the security conference.. Tutti i contenuti dei podcast, inclusi episodi, grafica e descrizioni dei podcast, vengono caricati e forniti direttamente da Black Hat Briefings, USA 2007 [Video] Presentations from the security conference. o dal partner della piattaforma podcast. Se ritieni che qualcuno stia utilizzando la tua opera protetta da copyright senza la tua autorizzazione, puoi seguire la procedura descritta qui https://it.player.fm/legal.
This presentation addresses the stated problem by focusing specifically on C++-based security, and outlines types of vulnerabilities that can exist in C++ applications. It will examine not only the base language, but also covers APIs and auxillary functionality provided by common platforms, primarily the contemporary Windows OSs. The topics that will be addressed in this presentation include object initialization/destruction, handling object arrays, implications of operator overloading, and problems arising from implementing exception handling functionality. Various STL classes will also be discussed in terms of how they might be susceptible to misuse, and unexpected quirks that can manifest as security problems. This presentation will include discussion of bug classes that have yet to be discussed or exploited in a public forum (to our knowledge) for the topic areas outlined.
  continue reading

89 episodi

모든 에피소드

×
 
Loading …

Benvenuto su Player FM!

Player FM ricerca sul web podcast di alta qualità che tu possa goderti adesso. È la migliore app di podcast e funziona su Android, iPhone e web. Registrati per sincronizzare le iscrizioni su tutti i tuoi dispositivi.

 

Guida rapida