Foundations of Security:
What Every Programmer Needs To Know
This web page contains errata for the book Foundations of Security: What Every Programmer Needs to Know.
  • page 17, middle: Ethereal is now called Wireshark
  • page 59, line 10, "?" should be "."
  • page 79, item 9, should read "HTTP 1.1"
  • page 83, end of first full paragraph of section 5.1 should read "Then, when that disk is inserted"
  • page 95, Figure 6-1 should read "pass[16]" on both the Normal and Compromised Stack
  • page 97, grey box, line 3: "can used" -> "can be used"
  • page 98, The body of the safe_gets() function should have the following lines at the beginning of the function to prevent a buffer overflow:
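    /* Reject a missing buffer or a size with no room for the terminator. */
    if ((input == NULL) || (max_chars < 1))
      return;
    /* A one-byte buffer can hold only the terminating null. */
    if (max_chars == 1) {
      input[0] = 0;
      return;
    }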
    
  • page 147, the text box on salting assumes that the number of users is much larger than 2^k. The number of guesses required by the attacker is n * min(v, 2^k), where v is the number of distinct salts that appear in the password file (as opposed to the number of users).
  • page 150, the source code for the Credentials object is not listed in Appendix B, but is included in the source code package available on this web site.
Thanks to Thomas Duebendorfer and Vivek Rau for finding bugs!
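
An added example (not from the book or this errata page): a stream-reading variant of the function with the page 98 guard lines in place, plus a constructed check that a 1-byte buffer leaves the byte after it untouched. The name safe_gets_from, the FILE * parameter and the loop body are assumptions, since the page lists only the guard lines.

```c
#include <stdio.h>

/* Hypothetical variant of safe_gets() that reads from any stream, so it can
 * be exercised without stdin. The loop body is an assumption: the errata
 * page lists only the guard lines (the stream check is added here). */
void safe_gets_from(FILE *in, char *input, int max_chars)
{
    /* Guards from the erratum: reject unusable arguments. */
    if ((in == NULL) || (input == NULL) || (max_chars < 1))
        return;
    /* A 1-byte buffer has room for the terminator only. */
    if (max_chars == 1) {
        input[0] = 0;
        return;
    }

    int count = 0;
    int c;  /* int, not char, so EOF is distinguishable from data */
    do {
        c = fgetc(in);
        if (c != '\n' && c != EOF)
            input[count++] = (char)c;  /* stored before the bound is checked */
    } while ((count < max_chars - 1) && (c != '\n') && (c != EOF));
    input[count] = 0;  /* count <= max_chars - 1, so this stays in bounds */
}

/* Constructed self-check: returns 1 if a 1-byte buffer is terminated
 * without touching the canary byte that follows it. */
int one_byte_buffer_is_safe(void)
{
    FILE *f = tmpfile();
    if (f == NULL)
        return 0;
    fputs("AAAA\n", f);           /* constructed sample input */
    rewind(f);
    char mem[2] = { 'x', 0x5A };  /* mem[0] is the buffer, mem[1] the canary */
    safe_gets_from(f, mem, 1);
    fclose(f);
    return mem[0] == 0 && mem[1] == 0x5A;
}

int main(void)
{
    printf("1-byte buffer safe: %d\n", one_byte_buffer_is_safe());
    return 0;
}
```

With this loop shape and no `max_chars == 1` guard, a 1-byte buffer would receive one character at index 0 and the terminator at index 1, one byte past its end.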



Copyright © 2003-2004 LearnSecurity.com