Took a course on software security at Coursera. Here is a list of readings from the professor:
Week 1ReadingsRequired Reading
The only required reading this week is the following:
- Common Vulnerabilities Guide for C programmers. Take note of the unsafe C library functions listed here, and how they is the source of the buffer overflow vulnerabilities. This list is relevant for the project and this week ' s quiz.
- (Reference) Memory layout. Explains a C program's memory layout, replicating the discussion in the second lecture.
Supplemental readings
The following readings is Optional:they is meant to supplement the material is getting in the videos. Check them out if your is interested in learning more, or if you just want to see it all explained in a different.
- (Reference/refresher) PC Assembly Language, by Paul Carter. Introduces x86 assembly, and should complement ideas seen in the lectures.
- Smashing the Stack for fun and profit-original article on the topic by Aleph One, in 1996
- Exploiting format string Vulnerabilities-report describing these format string attacks when they were first recognized
- Basic Integer overflows-discussion of how overflowing integers can be a vector of attack
After-school reading Supplement to the software Security course on Coursera