COMS20012

Lecture 2 - Software Security II

The material is subdivided in small videos.

Please, watch the videos and go through the reading material in your own time.

Also remember to work on the accompanying exercises sheet

Video	Links	Reading Material
Introduction to Memory Safety	video (24min) pdf	What is Memory Safety by Prof. M. Hicks (Read upto first 3 section, i.e. everything before the section Pointers as capabilities)
Introduction to Buffer Overflow	video (41min) pdf	Text book Chapter 3– Section 4.1, 4.2, 4.3; CERT’s Common vulnerability C; For more info SANS’s Buffer Overflow for Dummies.
Introduction to Integer Overflow	video (20min) pdf	Text book Chapter 3– Section 4.2; Phrack Basic Integer Overflows By blexim, First two sections.
Introduction to Format String Error	video (18min) pdf	Text book Chapter 3– Section 4.5

Q&A

First 7 minutes audio had problem, the point covered were:

• hello and thanks to everyone!
• it is a 20 credits unit work accordingly;
• come prepared to the labs (i.e. don’t start the lab at 2pm on Tuesday get at least the environment setup before that);
• first lab was a bit chaotic (this is expected), we have asked the department an extra session to help you setup your machine. Cohort-level TA(s) should be in touch with you.

Fill our survey