• A photo of the course instructor Peter Sommerlad
1 1

Event

Pre Conference Workshop: Peter Sommerlad, "Resilient C++ - Mitigate C++ Vulnerabilities"

Pre Conference Workshop: Peter Sommerlad, "Resilient C++ - Mitigate C++ Vulnerabilities"

$700.00 CAD
$700.00 CAD
Sale Sold out
Ticket Type

Abstract

C++ programmers suffer from the language's complexity as well as from its "super power" of backward compatibility that manifests known and sometimes lesser known deficiencies in language and standard library design.

In application areas where human live or capital is at risk, safe and secure code is a must, but even in other domains the internal quality of C++ programs is an important factor for programmers' effectiveness.

Writing safe and secure code is hard, and requires to circumvent undefined behavior and also portability issues, when development and target platforms differ. Knowing C++ vulnerabilities and potential mitigations is a first step to write better code. Fortunately, there exist guidelines and collections of potential programming pitfalls to draw from. Those might recommend to not use a language feature or use it in a specific way. Often enforced by static analysis tools, such guidance and tooling falls short when applied as an afterthought.

Also, guidelines might be formulated in a way that require you to violate them to achieven the goals of a system. Each deviation from such guidelines should be well thought of, must be documented for safety critical systems, and at best becomes tightly encapsulated.

Using dedicated libraries can help with sidestepping some of the vulnerability problems, such as the woes of implicit conversions of built-in integer types.

This workshop will show you where to look for pitfalls, as well as highlight specific ones and provides concrete design guidance and some libraries to use for your own C++ design and code to follow, so that your code becomes safer and less risky.

Outline

  • Properties of Safe and Secure Code
  • Origins and Evolution of Guidelines
  • From "Dos and Don'ts" to Design
  • Conscious Class Design * Value Values
  • Flavors of Manager Types
  • Strong Types (optional)
  • Integer types without UB and overhead (optional)
  • Understand Relationship Risks
  • Putting Plain Pointers away
  • AMA (ask me anything)
View full details

Full conference

General admission ticket to CppNorth 2023. Access to all talks, keynotes, and exhibitor spaces.

  • Hassle-Free Refunds

    Ticket is refundable up to 10 days prior to the start of the conference.