Code Review

Course Group: 
Cyber Security

This 5 day course will look at reviewing C/C++ code for security issues. The course is heavily based around practical auditing of actual C/C++ programs. Common coding bugs will be identified in set lectures and then students will apply the theory by reviewing real programs and identifying vulnerabilities. In addition to manual code review, automated means of vulnerability discovery will be briefly discussed, including fuzz testing and static analysis.

The Learning outcomes of the course will be an improved ability to audit C code and discover vulnerabilities, an understanding of secure development, and automation techniques to secure code and identify bugs.

Who Should Attend

Course Outline

Presenter Information

Dates & Registration

Duration: 5 Days

Delivery Mode: Classroom

Locations: Canberra

What you will receive

  • Comprehensive set of course notes
  • UNSW Canberra certificate of attendance
  • Morning tea, lunch and afternoon tea

Who Should Attend?: 

This course is aimed at technical staff. It is suitable for vulnerability researchers looking to discover bugs in C/C++ software. It is equally suitable for software developers aiming to improve the security of their code.


  1. Review of the C/C++ Programming Language
  2. Vulnerability Discovery
    1. Dynamic Program Analysis
    2. Reverse Engineering
    3. Fuzz Testing
    4. Static Analysis


  1. C/C++ Bug Patterns
    1. Integers and Floating Point Arithmetic
    2. Strings and Buffers
    3. Logic Bugs
    4. Command Injection
    5. Race Conditions
    6. Privilege Management
    7. Practical Activities
      1. Code Review of Real World Linux C Programs


  1. Open Source OS Kernel Auditing
    1. Device Drivers
    2. User/Kernel Buffer Copying
    3. File Systems
    4. System Calls
    5. Practical Activities
      1. Code Review of Real World Linux and BSD Kernels


  1. Automating Code Review with Coccinelle
  2. Secure Coding




No dates? Or unable to attend dates shown? Submit an Expression of Interest below to be notified of upcoming courses.



24 June 2019 - 28 June 2019