Safeguard
Tag

cpp-security

Safeguard articles tagged "cpp-security" — guides, analysis, and best practices for software supply chain and application security.

6 articles

Application Security

A hands-on stack buffer overflow in C++: root cause and mitigations

The Morris Worm hit ~6,000 machines in 1988 via one unsafe gets() call. We build and hijack a stack overflow in C++ to teach why canaries and ASLR exist.

Jul 11, 20267 min read
Application Security

Modern C++ security: smart pointers, bounds checking, and static analysis

Microsoft has said for years that ~70% of the CVEs it patches trace to memory-safety bugs — here's how modern C++ actually closes that gap.

Jul 11, 20266 min read
Security Guides

C++ Security Best Practices: Memory Safety, Hardening Flags, and the C/C++ Supply Chain

Microsoft attributes roughly 70% of its CVEs to memory-safety bugs, and the xz backdoor proved the C/C++ supply chain is a live target. Here is the practical hardening path for code you can't rewrite.

Jul 4, 20266 min read
Industry Analysis

C/C++ Security Explained

C/C++ still cause ~70% of critical CVEs. From Heartbleed to the xz backdoor, here's why memory bugs persist and how to find exploitable ones fast.

Feb 22, 20268 min read
Industry Analysis

SQL Injection Prevention in C++ with SQLite Bind Parameters

How sqlite3_bind_text() stops SQL injection in C++ apps, common mistakes with bind parameters, and how to audit existing SQLite code for injection risk.

Oct 25, 20257 min read
Industry Analysis

XXE Prevention in C++: Removing libxml2 XML_PARSE_NOENT

How the libxml2 XML_PARSE_NOENT flag enables XXE in C++ codebases, the real CVEs behind it, and the exact code changes needed to remove it safely.

Oct 22, 20257 min read
cpp-security — Safeguard Blog