Introduction to the Secure Development Lifecycle

Injection module for: C++ Java Python

Integer errors

Integer errors can happen when assignments, mathematical operations, and external input lead to a result that is too large to fit within the range of values that can be stored in variables of a given data type. These errors can lead to loss of data due to overflow, truncation, or sign problems.

Injection module for: C++ Java Pseudocode
Answers (instructor access only): C++ Java Pseudocode
Security Injections 2.0 (preview) C++

Input validation

Input validation vulnerabilities are caused by failure to verify that input data are within the right value range, contain the right data, or otherwise meet the appropriate specification.

Injection module for: C++ Java Python Pseudocode
Answers (instructor access only): C++ Java Python Pseudocode

Buffer overflow

Buffer overflow involves writing a value outside the boundaries of a bounded, static-size array.

Injection module for: C++ Java Python Pseudocode
Answers (instructor access only): C++ Java

For more details regarding secure coding recommendations for C++ and Java, please refer to the CERT Secure Coding Standards.

 
Copyright © Towson University