The Underhanded C Contest
Summary
The Underhanded C Contest page documents the annual event where participants embed covert vulnerabilities in readable C code. The 2015 edition centers on nuclear verification scenarios and features extensive analysis of various underhanded techniques, including NaN poisoning, memory leaks, environment-triggered attacks, and type/precision mismatches, culminating in a winner whose approach exploits float/double confusion. The content emphasizes secure coding, code review, and realistic attack scenarios to highlight subtle bugs.