Materials developed for CS1 focus on three important security vulnerabilities:

Integer errors

Integer errors can happen when assignments, mathematical operations, and external input lead to a result that is too large to fit within the range of values that can be stored in variables of a given data type. These errors can lead to loss of data due to overflow, truncation, or sign problems.

Injection module for: C++ Java
Answers (instructor access only): C++ Java

Input validation

Input validation vulnerabilities are caused by failure to verify that input data are within the right value range, contain the right data, or otherwise meet the appropriate specification.

Injection module for: C++     Java Python

Buffer overflow

Buffer overflow involves writing a value outside the boundaries of a bounded, static-size array.

Injection module for: C++ Java  Python
Answers (instructor access only): C++ Java 



Additional Modules

Best Practices for Secure Variables

Injection module for: Java

For more details regarding secure coding recommendations for C++ and Java, please refer to the   CERT Secure Coding Standards.

Copyright © Towson University