Decodering: Examining MongoBleed and avoiding it with static analysis
Details
This talk examines the MongoBleed vulnerability in MongoDB, where database internals were leaked.
We will explore static analysis techniques to prevent such issues, including compiler warnings for uninitialized variables and adherence to the C++ Core Guidelines (similar guidance exists for most languages), which favor return values over output parameters.
By analyzing code examples and comparing C-style pointers with modern C++ ranges, the presentation demonstrates how static tools can enhance code safety and security.
