As mentioned in my About section, I’m currently working on my Master of Science in Computer Security. Fundamentally it’s only a handful of classes different from the MS in Computer Science, so I’m taking a slew of programming-centric courses.
This week I received the book for next semester and started reading through it. I’m very happy to say that writing code with security in mind was mentioned several times. And it’s not all just your standard stuff about buffer overflows either. This selection below is from the preface:
Having a solid understanding of computer arithmetic is critical to writing reliable programs. For example, one cannot replace the expression (x<y) with (x-y<0) due to the possibility of overflow. One cannot even replace it with the expression (-y<-x) due to the asymmetric range of negative and positive numbers in the two’s complement representation. Arithmetic overflow is a common source of programming errors, yet few other books cover the properties of computer arithmetic from a programmer’s perspective.1
1 Bryant, Randal E. and David R. O’Hallaron. Computer Systems: A Programmer’s Perspective. New Jersey: Pearson Education, 2003.
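The two rewrites the preface warns about can be checked at the 32-bit boundaries. The C below is an added example, not code from the book or from this post. The function names are illustrative, and two's complement wraparound is modelled with unsigned arithmetic because signed overflow is undefined behaviour in C.

```c
#include <stdint.h>
#include <stdio.h>

/* Reinterpret a 32-bit pattern as a two's complement value without
   relying on an implementation-defined narrowing conversion. */
static int32_t to_i32(uint32_t u) {
    return u <= INT32_MAX ? (int32_t)u
                          : (int32_t)(u - 0x80000000u) + INT32_MIN;
}

/* What a two's complement machine computes for x - y and -x. */
static int32_t wrap_sub(int32_t x, int32_t y) {
    return to_i32((uint32_t)x - (uint32_t)y);
}
static int32_t wrap_neg(int32_t x) {
    return to_i32(0u - (uint32_t)x);
}

/* The original comparison and the two "equivalent" rewrites. */
int lt_direct(int32_t x, int32_t y) { return x < y; }
int lt_sub(int32_t x, int32_t y)    { return wrap_sub(x, y) < 0; }
int lt_neg(int32_t x, int32_t y)    { return wrap_neg(y) < wrap_neg(x); }

/* Defensive check: would x - y fall outside the int32_t range?
   Both bounds are computed without overflowing themselves. */
int sub_overflows(int32_t x, int32_t y) {
    return (y > 0 && x < INT32_MIN + y) ||
           (y < 0 && x > INT32_MAX + y);
}

int main(void) {
    /* Constructed boundary inputs, not taken from the book. */
    const int32_t cases[][2] = {
        {3, 5}, {INT32_MIN, 1}, {INT32_MAX, -1},
        {INT32_MIN, 0}, {0, INT32_MIN},
    };
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++) {
        int32_t x = cases[i][0], y = cases[i][1];
        printf("x=%ld y=%ld  x<y:%d  x-y<0:%d  -y<-x:%d  overflow:%d\n",
               (long)x, (long)y, lt_direct(x, y), lt_sub(x, y),
               lt_neg(x, y), sub_overflows(x, y));
    }
    return 0;
}
```

The subtraction rewrite disagrees with x<y exactly when sub_overflows reports an overflow, and the negation rewrite fails whenever one operand is INT32_MIN, which has no positive counterpart.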