https://florence-njeri.github.io/njeri/tags/secure-programming-lab/Recent content in Secure Programming Lab on Florence NjeriHugo -- gohugo.ioenFri, 24 Jan 2025 09:00:41 +0000https://florence-njeri.github.io/njeri/posts/toctou_c/Fri, 24 Jan 2025 09:00:41 +0000https://florence-njeri.github.io/njeri/posts/toctou_c/The objective of this lab is to build on our understanding of secure programming in C by analyzing, enhancing, and securing the functionality of the program from Project Lab 1, with a focus on identifying and mitigating vulnerabilities and improving resilience against attacks like fuzzing. This lab focuses on identifying vulnerabilities in the source code, applying and validating patches, and proposing future best practices to prevent similar issues. Additionally, we will analyze the code using security analysis tools (cppcheck) to find out about the vulnerabilities in code. After compiling the project, we will inspect the resulting binary in Ghidra to identify similarities and differences, which will further inform our understanding of the program’s security and allow us to apply effective mitigations.