Buy new:
-36% $48.27
Delivery Friday, October 11
Ships from: Amazon.com
Sold by: Amazon.com
$48.27 with 36 percent savings
List Price: $74.99
The List Price is the suggested retail price of a new product as provided by a manufacturer, supplier, or seller. Except for books, Amazon will display a List Price if the product was purchased by customers on Amazon or offered by other retailers at or above the List Price in at least the past 90 days. List prices may not necessarily reflect the product's prevailing market price.
Learn more
FREE International Returns
No Import Fees Deposit & $17.11 Shipping to Austria Details

Shipping & Fee Details

Price $48.27
AmazonGlobal Shipping $17.11
Estimated Import Fees Deposit $0.00
Total $65.38

Delivery Friday, October 11. Order within 19 hrs
Or fastest delivery Thursday, October 3
In Stock
$$48.27 () Includes selected options. Includes initial monthly payment and selected options. Details
Price
Subtotal
$$48.27
Subtotal
Initial payment breakdown
Shipping cost, delivery date, and order total (including tax) shown at checkout.
Ships from
Amazon.com
Ships from
Amazon.com
Sold by
Amazon.com
Sold by
Amazon.com
Returns
30-day refund/replacement
30-day refund/replacement
This item can be returned in its original condition for a full refund or replacement within 30 days of receipt.
Read full return policy
Returns
30-day refund/replacement
This item can be returned in its original condition for a full refund or replacement within 30 days of receipt.
Read full return policy
Payment
Secure transaction
Your transaction is secure
We work hard to protect your security and privacy. Our payment security system encrypts your information during transmission. We don’t share your credit card details with third-party sellers, and we don’t sell your information to others. Learn more
Payment
Secure transaction
We work hard to protect your security and privacy. Our payment security system encrypts your information during transmission. We don’t share your credit card details with third-party sellers, and we don’t sell your information to others. Learn more
$17.95
FREE International Returns
Minimal signs of wear. Ships direct from Amazon! Minimal signs of wear. Ships direct from Amazon! See less
Delivery Monday, October 14. Order within 21 hrs
Or fastest delivery Thursday, October 3
Only 1 left in stock - order soon.
$$48.27 () Includes selected options. Includes initial monthly payment and selected options. Details
Price
Subtotal
$$48.27
Subtotal
Initial payment breakdown
Shipping cost, delivery date, and order total (including tax) shown at checkout.
Access codes and supplements are not guaranteed with used items.
Added to

Sorry, there was a problem.

There was an error retrieving your Wish Lists. Please try again.

Sorry, there was a problem.

List unavailable.
Kindle app logo image

Download the free Kindle app and start reading Kindle books instantly on your smartphone, tablet, or computer - no Kindle device required.

Read instantly on your browser with Kindle for Web.

Using your mobile phone camera - scan the code below and download the Kindle app.

QR code to download the Kindle App

Follow the author

John Viega
Follow
Something went wrong. Please try your request again later.

Secure Programming Cookbook for C and C++: Recipes for Cryptography, Authentication, Input Validation & More 1st Edition

by John Viega (Author), Matt Messier (Author)
4.4 4.4 out of 5 stars 39 ratings
See all formats and editions
{"desktop_buybox_group_1":[{"displayPrice":"$48.27","priceAmount":48.27,"currencySymbol":"$","integerValue":"48","decimalSeparator":".","fractionalValue":"27","symbolPosition":"left","hasSpace":false,"showFractionalPartIfEmpty":true,"offerListingId":"SmgEzoJBzVt0aLcobLH3A9z4Bj5Fy0h1%2BgUjZDGNZCXiqkizG7oBajkbux3aSmhaZG70qB%2FRcHK8Pk6LxpXlVouT%2FZC6SN50pB7b4QJ02isTdBt5DSsum%2F0edGQ8ePfophoO15ZO3Ys%3D","locale":"en-US","buyingOptionType":"NEW","aapiBuyingOptionIndex":0}, {"displayPrice":"$17.95","priceAmount":17.95,"currencySymbol":"$","integerValue":"17","decimalSeparator":".","fractionalValue":"95","symbolPosition":"left","hasSpace":false,"showFractionalPartIfEmpty":true,"offerListingId":"SmgEzoJBzVt0aLcobLH3A9z4Bj5Fy0h1iV8NOH3aQLpkNQpqnmjahg9empHZOq3CauVJLmnm6RNHVUFopysuvW9DODEahTv6VqJwRIaym7jR4f4U6KNMSbu6c36RCPy0aQQgRQY1tvbzg1T6X3f%2Fff3VieiBKl%2B%2FJuFL9qud9vax%2B2RPUA4Nkw%3D%3D","locale":"en-US","buyingOptionType":"USED","aapiBuyingOptionIndex":1}]}

Purchase options and add-ons

Password sniffing, spoofing, buffer overflows, and denial of service: these are only a few of the attacks on today's computer systems and networks. At the root of this epidemic is poorly written, poorly tested, and insecure code that puts everyone at risk. Clearly, today's developers need help figuring out how to write code that attackers won't be able to exploit. But writing such code is surprisingly difficult.

Secure Programming Cookbook for C and C++ is an important new resource for developers serious about writing secure code. It contains a wealth of solutions to problems faced by those who care about the security of their applications. It covers a wide range of topics, including safe initialization, access control, input validation, symmetric and public key cryptography, cryptographic hashes and MACs, authentication and key exchange, PKI, random numbers, and anti-tampering. The rich set of code samples provided in the book's more than 200 recipes will help programmers secure the C and C++ programs they write for both Unix® (including Linux®) and Windows® environments. Readers will learn:
  • How to avoid common programming errors, such as buffer overflows, race conditions, and format string problems
  • How to properly SSL-enable applications
  • How to create secure channels for client-server communication without SSL
  • How to integrate Public Key Infrastructure (PKI) into applications
  • Best practices for using cryptography properly
  • Techniques and strategies for properly validating input to programs
  • How to launch programs securely
  • How to use file access mechanisms properly
  • Techniques for protecting applications from reverse engineering
The book's web site supplements the book by providing a place to post new recipes, including those written in additional languages like Perl, Java, and Python. Monthly prizes will reward the best recipes submitted by readers.

Secure Programming Cookbook for C and C++ is destined to become an essential part of any developer's library, a code companion developers will turn to again and again as they seek to protect their systems from attackers and reduce the risks they face in today's dangerous world.
Previous slide of product details
  1. ISBN-10
    0596003943
  2. ISBN-13
    978-0596003944
  3. Edition
    1st
  4. Publisher
    O'Reilly Media
  5. Publication date
    August 19, 2003
  6. Language
    English
  7. Dimensions
    7 x 1.51 x 9.19 inches
  8. Print length
    790 pages
  9. See all details
Next slide of product details

Frequently bought together

Secure Programming Cookbook for C and C++: Recipes for Cryptography, Authentication, Input Validation & More
This item: Secure Programming Cookbook for C and C++: Recipes for Cryptography, Authentication, Input Validation & More
$48.27
In Stock
Ships from and sold by Amazon.com.
+
24 Deadly Sins of Software Security: Programming Flaws and How to Fix Them
$42.39
In Stock
Ships from and sold by Amazon.com.
+
Secure Software Development: A Security Programmer's Guide
$167.83
Get it as soon as Thursday, Oct 3
Only 3 left in stock - order soon.
Sold by Apex_media🍏 and ships from Amazon Fulfillment.
Total price: $00
To see our price, add these items to your cart.
Details
Added to Cart
spCSRF_Treatment
Some of these items ship sooner than the others.
Show details Hide details
Choose items to buy together.

Editorial Reviews

About the Author

John Viega, Founder and Chief Scientist of Secure Software (www.securesoftware.com), is a well-known security expert, and coauthor of Building Secure Software (Addison-Wesley) and Network Security with OpenSSL (O'Reilly). John is responsible for numerous software security tools, and is the original author of Mailman, the GNU mailing list manager. He holds a B.A. and M.S. in Computer Science from the University of Virginia. Mr. Viega is also an Adjunct Professor of Computer Science at Virginia Tech (Blacksburg, VA) and a Senior Policy Researcher at the Cyberspace Policy Institute, and he serves on the Technical Advisory Board for the Open Web Applications Security Project. He also founded a Washington, D.C. area security interest group that conducts monthly lectures presented by leading experts in the field. He is the author or coauthor of nearly 80 technical publications, including numerous refereed research papers and trade articles.

Matt Messier, Director of Engineering at Secure Software, is a security authority who has been programming for nearly two decades. Besides coauthoring Network Security with OpenSSL, Matt coauthored the Safe C String Library, RATS, and EGADS, an Entropy Gathering and Distribution System used for securely seeding pseudo-random number generators. Prior to joining Secure Software, Matt worked for IBM and Lotus, on source and assembly level debugging techniques, and operating system concepts.

Product details

  • Publisher ‏ : ‎ O'Reilly Media; 1st edition (August 19, 2003)
  • Language ‏ : ‎ English
  • Paperback ‏ : ‎ 790 pages
  • ISBN-10 ‏ : ‎ 0596003943
  • ISBN-13 ‏ : ‎ 978-0596003944
  • Item Weight ‏ : ‎ 2.82 pounds
  • Dimensions ‏ : ‎ 7 x 1.51 x 9.19 inches
  • Customer Reviews:
    4.4 4.4 out of 5 stars 39 ratings

About the author

Follow authors to get new release updates, plus improved recommendations.
John Viega

John Viega

Brief content visible, double tap to read full content.
Full content visible, double tap to read brief content.

John is Executive Vice President at SilverSky, the leader in cloud security solutions. John is the former editor-in-chief for IEEE Security and Privacy Magazine, and his technical work in cryptography has been standardized by NIST, the IEEE and IETF. Prior to SilverSky, John was CTO for Software-as-a-Service at McAfee.

John started out writing fiction in high school and college, but Randy Pausch (of Last Lecture Fame) convinced him to make a career in technology.

Customer reviews

4.4 out of 5 stars
39 global ratings

Top reviews from the United States

Peter
5.0 out of 5 stars Computer Security is Far More Complex Than I Thought
Reviewed in the United States on May 19, 2022
Verified Purchase
This book provides insights and techniques for managing encryption
algorithms, public keys, password selection, SSL, buffer overflow and
its prevention, and many vulnerabilities that I never knew existed.

One problem that I thought I understood was the complete removal
of a file from disk. I learned that there are many utilities and appli-
cations that make hidden and unrequested file copies which are beyond
the command line to detect or to eliminate.
One person found this helpful
Helpful
 Report
bearieq
5.0 out of 5 stars masterful work, loads of info, well written
Reviewed in the United States on August 9, 2012
Verified Purchase
A masterful work. Bursting with loads of useful information, always gets right to the point, has just the right density of code examples, and is extremely well organized and well written (with one exception -- see below). Should be on every expert programmer's bookshelf. Even if you never need to do crypto in your programs, get this book and at least read all the "Problem" and "Solution" sections -- it'll only take a couple of hours, and you will be much smarter after you are done. I have only two complaints. First, section 10.1 on PKI is uncharacteristically sloppy, annoyingly redundant, and in a few places literally unparseable. Second, the authors, like the authors of every security textbook I've ever read, seem to believe that real C programmers will actually use things like the safestr library instead of nul-terminated arrays in their programs. Not going to happen, folks.
2 people found this helpful
Helpful
 Report
W Boudville
5.0 out of 5 stars Voluminous and comprehensive
Reviewed in the United States on August 17, 2003
If you are interested in encryption, you should probably get Bruce Schneier's Applied Cryptography, which is generally considered the standard summary of the field. But suppose you actually want to use some of the symmetric key or public key methods he describes? If you want to code from scratch, his book is a good starting point. But if you want to quickly avail yourself of the best existing methods and you don't want to reinvent the wheel by recoding? Also, it can be risky to do that. A mistake made in coding a crypto algorithm might render it insecure. Better to use reviewed, tested code.
If this describes your needs and you code in C or C++, then this book will be invaluable. Extensive code fragments that show how you can interface to existing crypto packages. Very detailed. You won't find theorems or any elegant maths here. No Chinese Remainder Theorem or Fermat's theorems. You have to already know or accept the theoretical underpinnings.
Given this, the book takes you into the nitty gritty of every major publicly available cryptosystem. With up to date assessments of their comparative strengths.
All of the above is aimed at application developers. The book also has sections for sysadmins of both unix and Microsoft operating systems, replete with suggestions on patching and good practice.
Don't be daunted by the book's heft. It is encyclopaedic in scope, and access is reasonably random access. The authors have striven to comprehensively span the field. You don't have to read from start to finish before you can commence using it.
18 people found this helpful
Helpful
 Report
Petr Smirnov
4.0 out of 5 stars Four Stars
Reviewed in the United States on November 22, 2016
Verified Purchase
Detailed but a bit incomplete
Helpful
 Report
"lucincia"
5.0 out of 5 stars Bought it for one reason but ended up using it.
Reviewed in the United States on October 16, 2003
To be truthful, I bought this book because the "gang" I hang out with is mentioned in the Acknowledgments section of the book. That was the ONLY reason when I sent money to Amazon.Com and purchased it for the dusty collection on my bookshelf.
But, when I got it and chuckled over the Acknowledgements section, I started to mindlessly flip through the book. Mindless page flipping soon turned to semi-conscious scanning. Semi-conscious scanning soon turned to serious reading. I find myself reading the book more and more, jumping back and forth between sections I find interesting and useful.
As a Windows C++ programmer for in-house tools, I do not dwell much on secure programming concepts. Yes, this is very, very bad way to program, so those of you reading this review should not try it at home. This book has shown the errors of my ways, revealed security issues that I have overlooked by accident or on purpose and gave concepts and examples that I can apply in my projects.
This book is one reference that I will be going back over and over again. The authors and editors have done a wonderful job to make the reading flow nice and easy. It is also very well laid out by stating the problem you may encounter, followed by a solution and then detailed discussion section with code samples.
For any C/C++ programmer making software to be used by more than one person, this reference book is a must.
You can still read the Acknowledgments and marvel at my name on there, of course.
18 people found this helpful
Helpful
 Report
Brian Wotring
5.0 out of 5 stars best o'reilly book I've ever purchased
Reviewed in the United States on August 8, 2003
If you develop software, any kind of software, you need this book.
The importance of understanding the security surrounding the development of software is finally being realized. This book provides a complete reference for the secure implementation of common operations that software developers often fail to do correctly.
One of the best things about this book is that it covers so many topics that are often left out of secure programming texts. It is in cookbook format which is really nice for quick reference as well as accommodating readers that have different levels of experience in this area. Both the problem and the solution are explained and real source code is provided leaving the reader with an understanding of the risks, and practical solutions that can be incorporated into their software projects.
The topics that impressed me most were: privilege separation, secure child process creation, executing external processes, safe file and string operations, random number generation, input validation, and the ways to safeguard against many types of attacks. There are also many good tips for safeguarding networked applications. For the more intensive apps, there is in-depth coverage of symmetric and public key crypto, key management, using OpenSSL, and dealing with X.509 certs (including validation techniques).
It's nice to see so much useful information related to secure software development packed into a single resource!
11 people found this helpful
Helpful
 Report

Top reviews from other countries

Translate all reviews to English
Roberto Piccardi
4.0 out of 5 stars ottimo libro
Reviewed in Italy on January 14, 2021
Verified Purchase
Ottimo libro per avere una cbase di crittografia
Report
Mr Misery
5.0 out of 5 stars If secure "C" coding is your interest then this is the book for you.
Reviewed in the United Kingdom on June 11, 2020
Verified Purchase
Bought this to use for work, and have been dipping into this for ideas. There are lots of ideas.
A good book for the advanced "C" programmer.
Report
enrico besenyei
5.0 out of 5 stars Parfait
Reviewed in France on December 3, 2014
Verified Purchase
Non seulement ce livre a répondu à mes attentes, mais aussi il est allé largement au-delà de tout ce que j'aurais pu espérer.
Si vous êtes curieux, ce livre est vraiment fait pour vous.
Report
Leon
5.0 out of 5 stars Secure Programming Cookbook for C and C++: Recipes for Cryptography, Authentication, Input Validation & More
Reviewed in the United Kingdom on July 9, 2012
Verified Purchase
I would consider this book essential for anyone working in this field. Some of the examples are slightly outdated and need to be updated for 64 bit tests, but regardless, all issues explained clearly and concisely. A reference bok for those who are experienced, for the rest of us an excellent tutorial.
Report
Client d'Amazon
3.0 out of 5 stars Beware of errata
Reviewed in France on November 16, 2019
Verified Purchase
Well written, this book gives good ideas to implement (for the few I read yet). I removed stars because code source looks not have been correctly tested/reviewed. So if you want to buy this book please also refer to errata on the O'Reilly website. This book needs a new revision.
Report