Page History

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="34e1227c49e530bf-39dff9ee-474046f8-a367b624-d2eb944abd88902b534d7cc0"><ac:parameter ac:name="">Burch 06</ac:parameter></ac:structured-macro>
\[Burch 06\] Burch, H.; Long, F.; & Seacord, R. [_Specifications for Managed Strings_|http://www.sei.cmu.edu/publications/documents/06.reports/06tr006.html] (CMU/SEI-2006-TR-006). Pittsburgh, PA: Software Engineering Institute, Carnegie Mellon University, 2006.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6a71225db4355cde-10ece092-41b04661-aa958fa1-d1faf1864c6d2c099d148acf"><ac:parameter ac:name="">CERT 06</ac:parameter></ac:structured-macro>
\[CERT 06\] CERT. [Managed String Library|http://www.cert.org/secure-coding/managedstring.html] (2006).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="2d3e6b75d8edc21c-c3b89f10-489c4efe-a7ca93d2-3979480f00e41b00af58e720"><ac:parameter ac:name="">Dewhurst 02</ac:parameter></ac:structured-macro>
\[Dewhurst 02\] Dewhurst, Stephen C. _C+\+ Gotchas: Avoiding Common Problems in Coding and Design_. Boston, MA: Addison-Wesley Professional, 2002.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="09b6c07adf019e8f-79ff1d51-443147df-932b9a28-3a8a2054ea5525f75c44ba59"><ac:parameter ac:name="">FSF 05</ac:parameter></ac:structured-macro>
\[FSF 05\] Free Software Foundation. [GCC online documentation.|http://gcc.gnu.org/onlinedocs] (2005).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="0adb37c0da81718e-8833a034-4ab84483-8bda8a50-f5fdeedd43a3b3021e685b23"><ac:parameter ac:name="">Graf 03</ac:parameter></ac:structured-macro>
\[Graff 03\] Graff, Mark G. & Van Wyk, Kenneth R. Secure Coding: Principles and Practices. Cambridge, MA: O'Reilly, 2003 (ISBN 0596002424).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="8264d3e8e3730d69-dfb2cc50-49f14718-beed8e66-387753a50cb99d89368e45ce"><ac:parameter ac:name="">Griffiths 06</ac:parameter></ac:structured-macro>
\[Griffiths 06\] Griffiths, Andrew. "[Clutching at straws: When you can shift the stack pointer|http://felinemenace.org/papers/p63-0x0e_Shifting_the_Stack_Pointer.txt]."&nbsp;

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e37e41410cc05893-9629aead-4a4345af-bddcb504-5ff01533116bb7950d5a365c"><ac:parameter ac:name="">Haddad 05</ac:parameter></ac:structured-macro>
\[Haddad 05\] Haddad, Ibrahim. "Secure Coding in C and C++: An interview with Robert Seacord, senior vulnerability analyst at CERT." _Linux World Magazine_, November, 2005.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="3c11c523bbd5eb17-f8328525-4eae41fb-99079fa7-35c48f825289f6caf43301c9"><ac:parameter ac:name="">Hatton 95</ac:parameter></ac:structured-macro>
\[Hatton 95\] Hatton, Les. _Safer C: Developing Software for High-Integrity and Safety-Critical Systems_. New York, NY: McGraw-Hill Book Company, 1995 (ISBN 0-07-707640-0).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="34b46b89d74c131b-ac7762fa-424b435a-8407861a-fb9b044a1555464b530b9b1e"><ac:parameter ac:name="">ilja 06</ac:parameter></ac:structured-macro>
\[ilja 06\] ilja. "[readlink abuse|http://blogs.23.nu/ilja/stories/12551/]." _ilja's blog_, August 13, 2006.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="af2215925ca25731-43205ec3-48e748f8-94ed94ad-a5142c65f7acc4bcaf5c33d8"><ac:parameter ac:name="">ISO/IEC 9899-1999</ac:parameter></ac:structured-macro>
\[ISO/IEC 9899-1999\] ISO/IEC 9899-1999. _Programming Languages --- C, Second Edition_, 1999.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="7ef947d3ca787ded-28c9fffc-49ec4e0c-a6b2a367-6f87ffd0b4782fa511895bdd"><ac:parameter ac:name="">ISO/IEC TR 24731-2006</ac:parameter></ac:structured-macro>
\[ISO/IEC TR 24731-2006\] ISO/IEC TR 24731. _Extensions to the C Library, --- Part I: Bounds-checking interfaces_. April, 2006.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="75fbabc79e2be69f-21c345d6-40a94a1b-be559cdd-9a2fc19ca81c5f0ce7dd19ff"><ac:parameter ac:name="">Kerrighan 88</ac:parameter></ac:structured-macro>
\[Kerrighan 88\] Kerrighan, B. W. & Ritchie, D. M. _The C Programming Language, 2nd ed._ Englewood Cliffs, NJ: Prentice-Hall, 1988.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="8889acfc45074883-7c62a8e7-47834d36-830abd82-04c76eb68d2d1cb59eb937c5"><ac:parameter ac:name="">Kettle 02</ac:parameter></ac:structured-macro>
\[Kettlewell 03\] Kettlewell, Richard. [_C Language Gotchas_|http://www.greenend.org.uk/rjk/2001/02/cfu.html] (February 2002).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="5f44528ad386c31d-8ab30bc1-4bcc4230-8a15b841-00d52a384c9501372b141731"><ac:parameter ac:name="">Klein 02</ac:parameter></ac:structured-macro>
\[Klein 02\] Klein, Jack. [_Bullet Proof Integer Input Using strtol()_|http://home.att.net/~jackklein/c/code/strtol.html] (2002).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="2d16e8ef1a3816e8-d66a9ef1-44b74612-a770b362-63c262e5d0b89efa1b719bc5"><ac:parameter ac:name="">mercy</ac:parameter></ac:structured-macro>
\[mercy\] mercy. [_Exploiting Uninitialized Data_|http://www.felinemenace.org/papers/UBehavior.zip] (January 2006).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b40b695c1d3bb110-fd286460-455644d4-a97ca17f-8986148e99c6424901cb6dfc"><ac:parameter ac:name="">MISRA 04</ac:parameter></ac:structured-macro>
\[MISRA 04\] MIRA Limited. "[MISRA C|http://www.misra.org.uk/]: 2004 Guidelines for the Use of the C Language in Critical Systems." Warwickshire, UK: MIRA Limited, October 2004 (ISBN 095241564X).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="0fd0372b8ca6c026-f57840f6-439548b1-9f3ba8a1-f1166fb7a1825315cadf4828"><ac:parameter ac:name="">NASA-GB-1740.13</ac:parameter></ac:structured-macro>
\[NASA-GB-1740.13\] NASA Glenn Research Center, Office of Safety Assurance Technologies. [_NASA Software Safety Guidebook_|http://pbma.nasa.gov/docs/public/pbma/general/guidbook.doc] (NASA-GB-1740.13).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="5047abfe182db70b-cec8bfca-40d8424a-abbe9e4e-fb1c25383bacb14619f2d41e"><ac:parameter ac:name="">NIST 06</ac:parameter></ac:structured-macro>
\[NIST 06\] NIST. [_SAMATE Reference Dataset_|http://samate.nist.gov/SRD/] (2006).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="5beea904ad393430-2c2d665a-4dd449a7-9e4c9073-207dd2b906dbbbb08b3f7c8f"><ac:parameter ac:name="">Open Group 97</ac:parameter></ac:structured-macro>
\[Open Group 97\] The Open Group. [_The Single UNIX ® Specification, Version 2_|http://www.opengroup.org/pubs/online/7908799/xsh/readlink.html] (1997).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="7f43f23d5e86a57c-591c32da-4a944ae8-b7ecaef3-4d635287bf9eb9a56621c345"><ac:parameter ac:name="">Open Group 04a</ac:parameter></ac:structured-macro>
\[Open Group 04a\] The Open Group. "[readlink|http://www.opengroup.org/onlinepubs/000095399/functions/readlink.html]." _The Open Group Base Specifications Issue 6, IEEE Std 1003.1, 2004 Edition_ (2004).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="48364d667d41cd51-6d1a2fb0-499241b6-8f47a8e9-c5dee9b48d312630d4329079"><ac:parameter ac:name="">Open Group 04b</ac:parameter></ac:structured-macro>
\[Open Group 04b\] The Open Group. "[realpath|http://www.opengroup.org/onlinepubs/009695399/functions/realpath.html]." The Open Group Base Specifications Issue 6, IEEE Std 1003.1, 2004 Edition\_ (2004).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="a1e4f3c9c59ee17a-36829127-42694437-a0c08e37-26019653fbcd4fe8f8c65b32"><ac:parameter ac:name="">Open Group 04c</ac:parameter></ac:structured-macro>
\[Open Group 04c\] The Open Group. "[open|http://www.opengroup.org/onlinepubs/009695399/functions/open.html]." The Open Group Base Specifications Issue 6, IEEE Std 1003.1, 2004 Edition\_ (2004).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e8335b8e1f772f50-5b3f7f7f-439d4bf1-8767ae29-5bd34910e0a48be1a8fd1582"><ac:parameter ac:name="">Plum 89</ac:parameter></ac:structured-macro>
\[Plum 89\] Plum, Thomas. _C Programming Guidelines, 2nd ed_. Kamuela, HI: Plum Hall, Inc., 1989 (ISBN 0911537074).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="de8e395a5b741aad-0ae0b0ad-4b344a96-92c692b5-f1bf0eb5cd80b356d02a74b4"><ac:parameter ac:name="">Plum 91</ac:parameter></ac:structured-macro>
\[Plum 91\] Plum, Thomas. _C+\+ Programming_. Kamuela, HI: Plum Hall, Inc., 1991 (ISBN 0911537104).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="fea0d1cfae9d6689-f451a841-45564697-8f389132-4d9e8318826992beb22e1a10"><ac:parameter ac:name="">Saks 99</ac:parameter></ac:structured-macro>
\[Saks 99\] Dan Saks. _const T vs.T const_. Embedded Systems Programming. Pg. 13-16. February 1999. [http://www.dansaks.com/articles/1999-02%20const%20T%20vs%20T%20const.pdf]

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="3bf482f2a11b3c37-45234a5b-4a9444ac-88898bc7-8a873f685933e78dcb13e648"><ac:parameter ac:name="">Seacord 05</ac:parameter></ac:structured-macro> <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="56b8c5cb10ff6185-c2acc7e9-49394014-8e87ac73-4c700e50f357add44d1e7414"><ac:parameter ac:name="">Seacord 05a</ac:parameter></ac:structured-macro>
\[Seacord 05a\] Seacord, R. _Secure Coding in C and C+\+_. Boston, MA: Addison-Wesley, 2005. See [http://www.cert.org/books/secure-coding] for news and errata.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ff7ca9b3077a715c-d9e285d5-4a1747d6-b8edbc5b-b4b1ae135fc7f32c72eaa01a"><ac:parameter ac:name="">Seacord 05b</ac:parameter></ac:structured-macro>
\[Seacord 05b\] Seacord, R. "Managed String Library for C, C/C++." _Users Journal_ _23_, 10 (October 2005): 30-34.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6414d1ea8074c6b0-2ab630a9-40cf474a-960b8606-b97dfb0ab7743273a74b2a3e"><ac:parameter ac:name="">Summit 95</ac:parameter></ac:structured-macro>
\[Summit 95\] Summit, Steve. _C Programming FAQs: Frequently Asked Questions_. Boston, MA: Addison-Wesley, 1995 (ISBN 0201845199).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="4d6023622ee0fa8a-cda8135e-4b044fc1-8895a426-07b745adeb9153fe1d31c371"><ac:parameter ac:name="">Summit 05</ac:parameter></ac:structured-macro>
\[Summit 05\] Summit, Steve. [_comp.lang.c Frequently Asked Questions_|http://c-faq.com/] (2005).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ebe9fd25f1d6d43c-a3e2ae38-456b42c7-876ca481-fe2f73dca2d3b64d26afe387"><ac:parameter ac:name="">Viega 03</ac:parameter></ac:structured-macro>
\[Viega 03\] Viega, John & Messier, Matt. _Secure Programming Cookbook for C and C++: Recipes for Cryptography, Authentication, Networking, Input Validation & More_. Sebastopol, CA: O'Reilly, 2003 (ISBN 0-596-00394-3).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="17d59e36c1801a20-b1dbda8e-48d1417a-ad0291e1-b0affc55eea29fe3dcc5b43b"><ac:parameter ac:name="">Warren 02</ac:parameter></ac:structured-macro>
\[Warren 02\] Warren, Henry S. _Hacker's Delight_. Boston, MA: Addison Wesley Professional. 2002 (ISBN 0201914654).