Part 2 | De-serialization | Example of Binary Serialization in C++ | Secure Programming Practices

In this screencast I will demonstrate my approach at creating a binary de-serialization code in C++. I will follow best programming techniques. The goal of this tutorial is to demonstrate secure programming practices concerning binary serialization & de-serialization. PLEASE watch the correction to this video in part 3: https://youtu.be/myrPSE90Rbc Part 1: https://youtu.be/PeYH4Zl9RGc This video is accompanied by my blog post: https://dennisbabkin.com/blog/?i=AAA12200 For the source code check "BinSerialize" Visual Studio C++ solution on GitHub: https://github.com/dennisbabkin/BinSerialize Time Codes: =========================== 1:24 Why de-serialization poses a greater security risk to your app. 5:03 Starting coding de-serialization logic. 6:35 Writing de-serialization logic for the Student class: fromByteArray() function. 33:06 Example of why writing a secure de-serialization code is hard - I put a bug in my code. (I'll correct it in part 3.) 48:07 Another example why it's important to pay attention to what you are writing during an important sequence of code: I made another bug. (I will correct it later.) 53:26 Writing de-serialization logic for MyClass class: fromByteArray() function. 1:11:36 Writing code to test our de-serialization logic. 1:15:38 Writing a fuzzer to brute-force our de-serialization logic. #windows #security #serialization #cpp