Announcement C Effective C Book

Effective C is Now Available

The Print Book and Ebook are now available from:

And other fine establishments.

Announcement C Secure Coding WG14

Adding a Defer Mechanism to C

I’ve been collaborating with several members of the C Standards Committee and other experts to propose a defer mechanism for C2x. Our initial proposal (which can be downloaded below) presents five design questions that will influence the final proposal. Let me know if you have any opinions below or on Twitter (follow me @RCS).

Optimization Secure Coding Video

Video Killed the Radio Star

I’ve made a few videos over the years. Here are the ones where I kept my clothes on:

REcon 2016 – Dangerous Optimizations and the Loss of Causality
The Secure Developer – Ep. #35, Secure Coding in C/C++
Professional C Programming: Integer Types

And here is what I looked like back in the 1980s talking about the Serpent User Interface Management System (UIMS) developed at Carnegie Mellon University’s Software Engineering Institute and programmed in K&R C.

An Introduction to Serpent: A User Interface Management System (1989)

Effective C

I’ve set up this website to publish updates and additional material for the Effective C: An Introduction to Professional C Programming. I started writing this book in March 2019 while working at NCC Group as a Technical Director and serving as an expert in the C Standards Committee (ISO/IEC   JTC1/SC22/WG14).

My goal in writing this book was to develop an introductory text for developers who want to learn C programming. This book was written to be as accessible as possible to anyone who wants to learn C programming, but it was also written to be accurate. I didn’t want to provide over simplified explanations and examples that would result in your code being substandard. So this book teaches you how to write clean, correct, maintainable code.

I also wanted the book to be a reasonable length, so that you could bring it with you on an airplane without having to check a bag. The hardest thing in writing this book was in determining what to leave out. That’s the main reason for this website–to publish blog posts on topics that couldn’t fit or links to NCC Group research or blog such as this recent blog on Improving Software Security through C Language Standards. I’ll also try to draw your attention to interesting proposals submitted to the C Standards Committee for possible standardization including some recent proposals I submitted:

  • N 2465 2020/02/10 intmax_t, a way forward
  • N 2464 2019/12/01 Seacord, Zero-size Reallocations are Undefined Behavior

As well as some other interesting proposals written by others:

  • N 2466 2020/02/09 Svoboda, Towards Integer Safety
  • N 2477 2020/02/04 Alepins, Const functions

Hopefully you’ll enjoy the book and check back here for updates and additional resources as you continue to grow your understanding of C Language Programming.