Secure coding in C and C++: strings
Strings—such as command-line arguments, environment variables, and console input—are of special concern in secure programming because they comprise most of the data exchanged between an end user and a software system. This chapter covers the security issues with strings and how you can sidestep them.
By Robert Seacord at InformIT.
[ Read more ]