As promised, this is the first in a series of Secure Programming Workshops.

*** YOUTUBE LINK: https://www.youtube.com/watch?v=fJj4Bm4YPWQ ***

# Numeric Overflow
Numeric overflow (and underflow) is a security bug that can affect many programs and appear in almost every programming language or framework. From the aviation industry to video games, this bug has resulted in severe security vulnerabilities. It can easily go undetected, and programming language frameworks have failed to address it. A programmer should be aware of what numeric overflow is and how to eliminate it effectively.

This workshop is divided into two parts: theory (lecture) and hands-on (lab).
In the first part, we are going to learn what numeric overflow (and underflow) is and dive deep into computer internals to understand why it happens.
In the second part, we are going to find and effectively patch this bug in a given program. We will learn how to detect this bug at run-time (blackbox) and by code review (whitebox). We will then learn effective ways to address this bug.

by Dr. Pedram (pi3ch) Hayati

# Requirements
To do the lab, you need a well-configured Docker installation and the make utility.

# Call for participation
For the second part, I want to make this workshop interactive.
I would like to invite a few Java and JavaScript developers to join me on the livestream as I guide you through solving the lab. Please DM pi3ch on Twitter/Slack or email sydney@sectalks.org. You need to have some coding experience in Java or JavaScript.

# Sponsors

Atlassian Sydney (https://bit.ly/2Hk2qX1)

Google Sydney (https://bit.ly/2IiKrCm)

SecDim (https://j.mp/1qgPo0a)

For sponsoring SecTalks Sydney, please contact sydney@sectalks.org
