The book aims to give an overview of programming errors that lead to possibly exploitable software defects. Some of these are errors you'd think only an amateur wouldn't avoid; other exploits are only possible due to complex combinations of compiler- or platform-specific behaviour and seemingly minor oversights. Each of the chapters is written by a different author, so they vary in quality and sometimes, as a programmer, you might be tempted to skip passages, because you just don't use the techniques described (good for you). But if you've got to review or refactor code you might come upon these techniques sooner or later, so it might be good to know about them anyway. Examples and code fragments are understandable; as some of the techniques used in exploiting software defects are quite advanced magic, it may sometimes be necessary to reread sections.
The author deals in great detail and very vividly with the pitfalls that the languages C and C++ hold in store for programmers.
Numerous examples illustrate problems such as "buffer overflow", "arc injection" or "integer security" - at least for the programmer. Highly recommended as a textbook and for self-study.