[Wolves] Programming for People Who Can Already Program

bambam at opendildonics.org bambam at opendildonics.org
Sun Dec 14 23:12:06 GMT 2003 

On Sun, 14 Dec 2003, Peter Oliver wrote:

> Ah, that reminds me.  The time is well overdue that I got around to
> learning C.  Can anyone recommend a good book for someone who can already
> program in other languages?

I'm afraid you're probably mostly out of luck. Nearly all C
books I've ever seen were written with phrases like: "when
the ANSI standard is published"

> Programming Perl, better known as The Camel Book, lays out the whole Perl
> syntax in the first two chapters, leaving most of the rest of the book as
> a reference for the built-in functions and such.  This is the kind of book
> that I'm after.  I don't want a book that's two inches thick but you have
> to read the first five chapters before you get on to arrays.  I do want
> something that goes to the trouble of telling me how to avoid pitfalls
> such as buffer overflows.

Well, now you *really* are out of luck. Even "Advanced Linux
Programming" which has a whole section on secure coding
doesn't adequately explain anything at all.

Not even the secure unix programming FAQ explains this topic
properly. I guess the people who really understand it are
either too busy fixing the code or owning your box to bother
writing books on how to to it.

> I don't really intend to do a great deal of C programming, but I would
> like to learn enough C to do things like writing Perl binding for C
> libraries, and be able to fix simple bugs in other people's code rather
> than submitting to their bugzilla and waiting.

library binding - indeed, most helpful task, and i
sympathise with the bugzilla thing.

The only real way to understand the nature of security flaws
it to attempt to exploit them.

There will be no quick guide on how to write secure code
(and if anyone has one I'll be interested (but skeptical)).
Pick your way through aleph1's original "smashing the stack
for fun and profit" and write some buffer overflow exploits.

Then read about other conceptual problems and attempt to
exploit them off your own bat.

That's all after you've read: "Learning to program in C".
It's a compressed to shit-ery intro to the language that
doesn't hang about. It's part of the Bernard-Babani books
collection (you know, like, build your own radio/electronics
kit/interstella travellator/rf oscilloscope type things)
that should still be in WH smiths and Waterstones.

I think it's got about 80 pages. Fully short, little book.
You can even read it on the bus.

bambam

More information about the Wolves mailing list