Page History

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="bc7482f04325a45d-b10af426-4d274215-8ea9989e-34f6082debdc9dbc827ec28c"><ac:parameter ac:name="">Burch 06</ac:parameter></ac:structured-macro>
\[Burch 06\] Burch, H.; Long, F.; & Seacord, R. [_Specifications for Managed Strings_|http://www.sei.cmu.edu/publications/documents/06.reports/06tr006.html] (CMU/SEI-2006-TR-006). Pittsburgh, PA: Software Engineering Institute, Carnegie Mellon University, 2006.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="4b4d3a27af59eb55-db38ad4f-4e6d4b0f-8c1aac1c-612f4126878ffc2839f23fa8"><ac:parameter ac:name="">CERT 06</ac:parameter></ac:structured-macro>
\[CERT 06\] CERT. [Managed String Library|http://www.cert.org/secure-coding/managedstring.html] (2006).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="930bf8a939505265-e8c47262-4ba1482d-82bba814-0b61a8ea124b6cf13b7eaeaf"><ac:parameter ac:name="">Dewhurst 02</ac:parameter></ac:structured-macro>
\[Dewhurst 02\] Dewhurst, Stephen C. _C+\+ Gotchas: Avoiding Common Problems in Coding and Design_. Boston, MA: Addison-Wesley Professional, 2002.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="13dde79f68f94af7-d5f84738-4f6e4d81-8fbda485-ce7a053a0eac0d764dc6812a"><ac:parameter ac:name="">FSF 05</ac:parameter></ac:structured-macro>
\[FSF 05\] Free Software Foundation. [GCC online documentation.|http://gcc.gnu.org/onlinedocs] (2005).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="bb7b291a5a37d5fa-203732b5-47ca40db-8655b3ab-599a257e7d839064d47bc2b6"><ac:parameter ac:name="">Graf 03</ac:parameter></ac:structured-macro>
\[Graff 03\] Graff, Mark G. & Van Wyk, Kenneth R. Secure Coding: Principles and Practices. Cambridge, MA: O'Reilly, 2003 (ISBN 0596002424).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="50949c43f87ca8d3-dee94261-443c43d8-8491881d-3a344fdd25308efd326391fe"><ac:parameter ac:name="">Griffiths 06</ac:parameter></ac:structured-macro>
\[Griffiths 06\] Griffiths, Andrew. "[Clutching at straws: When you can shift the stack pointer|http://felinemenace.org/papers/p63-0x0e_Shifting_the_Stack_Pointer.txt]."&nbsp;

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="8d3c2b3f95e7d655-1fdb2ce4-42ea4a74-a965a48b-8cf8e20e0e32396eed55f238"><ac:parameter ac:name="">Haddad 05</ac:parameter></ac:structured-macro>
\[Haddad 05\] Haddad, Ibrahim. "Secure Coding in C and C++: An interview with Robert Seacord, senior vulnerability analyst at CERT." _Linux World Magazine_, November, 2005.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f2dd29093e4c09ae-5b367883-460046bc-aeafb64f-894d9706ffc60093d10f8d7d"><ac:parameter ac:name="">Hatton 95</ac:parameter></ac:structured-macro>
\[Hatton 95\] Hatton, Les. _Safer C: Developing Software for High-Integrity and Safety-Critical Systems_. New York, NY: McGraw-Hill Book Company, 1995 (ISBN 0-07-707640-0).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="4f0f1c6b918678e3-9359e77f-42044883-97b792dc-7c87397c692c0ee8256c5754"><ac:parameter ac:name="">ilja 06</ac:parameter></ac:structured-macro>
\[ilja 06\] ilja. "[readlink abuse|http://blogs.23.nu/ilja/stories/12551/]." _ilja's blog_, August 13, 2006.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="a14c3ead2e946bde-979cf2f0-416949cc-aca089f7-730fe1afc6043f554a185310"><ac:parameter ac:name="">ISO/IEC 9899-1999</ac:parameter></ac:structured-macro>
\[ISO/IEC 9899-1999\] ISO/IEC 9899-1999. _Programming Languages --- C, Second Edition_, 1999.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="9df84a1ada9a985f-d3dcf5b1-4b7e4992-8dc58152-46fd4971ea7eab76b0232f4f"><ac:parameter ac:name="">ISO/IEC TR 24731-2006</ac:parameter></ac:structured-macro>
\[ISO/IEC TR 24731-2006\] ISO/IEC TR 24731. _Extensions to the C Library, --- Part I: Bounds-checking interfaces_. April, 2006.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d0187cbd1267a8d9-3b9a535a-4fae4216-9a5581f3-0bef4510bab6e64508daa2ec"><ac:parameter ac:name="">Kerrighan 88</ac:parameter></ac:structured-macro>
\[Kerrighan 88\] Kerrighan, B. W. & Ritchie, D. M. _The C Programming Language, 2nd ed._ Englewood Cliffs, NJ: Prentice-Hall, 1988.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="0e77ba1ff5bee65c-e7f4db66-446e45ff-a1e894d3-6319ba62c3aaf6c373c2858d"><ac:parameter ac:name="">Kettle 03</ac:parameter></ac:structured-macro>
\[Kettlewell 03\] Kettlewell, Richard. [_Inline Functions In C_|http://www.greenend.org.uk/rjk/2003/03/inline.html] (March 2003). 

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="8631a2352c7b2967-94237e20-40f1417a-a478b1e2-16aa9ff1a8466b33965c137e"><ac:parameter ac:name="">Klein 02</ac:parameter></ac:structured-macro>
\[Klein 02\] Klein, Jack. [_Bullet Proof Integer Input Using strtol()_|http://home.att.net/~jackklein/c/code/strtol.html] (2002).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="abde8f9fae3290c2-c582839f-4c804747-8eadb2ad-9db9e28b65aed402a8884e96"><ac:parameter ac:name="">mercy</ac:parameter></ac:structured-macro>
\[mercy\] mercy. [_Exploiting Uninitialized Data_|http://www.felinemenace.org/papers/UBehavior.zip] (January 2006).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="c2304c713f61ece3-1d7310f8-41b0480d-a916876c-3162daae38818a06357ea610"><ac:parameter ac:name="">MISRA 04</ac:parameter></ac:structured-macro>
\[MISRA 04\] MIRA Limited. "[MISRA C|http://www.misra.org.uk/]: 2004 Guidelines for the Use of the C Language in Critical Systems." Warwickshire, UK: MIRA Limited, October 2004 (ISBN 095241564X).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="055e163a99c8fbb1-66332134-47b0402a-ad248c67-0ec12d8ba377bc8806b74dbd"><ac:parameter ac:name="">NASA-GB-1740.13<>MSDN 01</ac:parameter></ac:structured-macro>
\[NASA-GB-1740.13MSDN 01\] Microsoft. [The MSDN Library File Management Functions.|http://msdn.microsoft.com/library/default.asp?url=/library/en-us/fileio/fs/file_management_functions.asp] (2006).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="68ccfae37cf7e3a8-06d63296-41ec42a6-a2d3ad60-4d29e73248e111af1e40605c"><ac:parameter ac:name="">NIST 06</ac:parameter></ac:structured-macro>
\[NIST 06\] NIST. [_SAMATE Reference Dataset_|http://samate.nist.gov/SRD/] (2006).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="61b9cc90c3b84dd7-3b0448fb-4fe94c26-89c78bb7-fb02fe29d4215b47b866f595"><ac:parameter ac:name="">Open Group 97</ac:parameter></ac:structured-macro>
\[Open Group 97\] The Open Group. [_The Single UNIX ® Specification, Version 2_|http://www.opengroup.org/pubs/online/7908799/xsh/readlink.html] (1997).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f31fc6c6e063a866-c6e200b9-43344f6d-99de8fd4-39f93f5f874c0c6c3dda2292"><ac:parameter ac:name="">Open Group 04a</ac:parameter></ac:structured-macro>
\[Open Group 04a\] The Open Group. "[readlink|http://www.opengroup.org/onlinepubs/000095399/functions/readlink.html]." _The Open Group Base Specifications Issue 6, IEEE Std 1003.1, 2004 Edition_ (2004).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="96d01f26a3470966-73eb1da8-49f64d0b-bef8b3b0-61b49c9fb43e4a69e0c03f7d"><ac:parameter ac:name="">Open Group 04b</ac:parameter></ac:structured-macro>
\[Open Group 04b\] The Open Group. "[realpath|http://www.opengroup.org/onlinepubs/009695399/functions/realpath.html]." The Open Group Base Specifications Issue 6, IEEE Std 1003.1, 2004 Edition\_ (2004).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="87dda2901e62f742-4e519253-4a584de6-bff296ef-90ce734c17751a14113473a7"><ac:parameter ac:name="">Open Group 04c</ac:parameter></ac:structured-macro>
\[Open Group 04c\] The Open Group. "[open|http://www.opengroup.org/onlinepubs/009695399/functions/open.html]." The Open Group Base Specifications Issue 6, IEEE Std 1003.1, 2004 Edition\_ (2004).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f536e7a5802cc55c-90d1a650-4f4a4e2a-9867a7e0-92ac845791b5776d2c6462bb"><ac:parameter ac:name="">Plum 89</ac:parameter></ac:structured-macro>
\[Plum 89\] Plum, Thomas. _C Programming Guidelines, 2nd ed_. Kamuela, HI: Plum Hall, Inc., 1989 (ISBN 0911537074).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="63ae006ca873870b-fd91dcba-475a41f1-8e8a876e-8f8268dcc360b1a6c68fdf7e"><ac:parameter ac:name="">Plum 91</ac:parameter></ac:structured-macro>
\[Plum 91\] Plum, Thomas. _C+\+ Programming_. Kamuela, HI: Plum Hall, Inc., 1991 (ISBN 0911537104).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="70ac1cbcd9fc8652-51461b1f-4f7342e2-b018bd36-e78a6bc463b3d881e7e802b1"><ac:parameter ac:name="">Saks 99</ac:parameter></ac:structured-macro>
\[Saks 99\] Dan Saks. _const T vs.T const_. Embedded Systems Programming. Pg. 13-16. February 1999. [http://www.dansaks.com/articles/1999-02%20const%20T%20vs%20T%20const.pdf]

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="9947bc126f9301e5-d37c82ab-47a04ce0-952d9da4-73f2a16f1a7c4a6813b400b1"><ac:parameter ac:name="">Seacord 05</ac:parameter></ac:structured-macro> <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="794c7cdfc13325ea-4c55d0c0-48864e35-8d41a868-e2ba6ce47f85521c1d71d154"><ac:parameter ac:name="">Seacord 05a</ac:parameter></ac:structured-macro>
\[Seacord 05a\] Seacord, R. _Secure Coding in C and C+\+_. Boston, MA: Addison-Wesley, 2005. See [http://www.cert.org/books/secure-coding] for news and errata.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="cba88c614e4a90a4-f71b4740-47f74fb8-b5b0a5b3-78abdeade1148d5cc779b827"><ac:parameter ac:name="">Seacord 05b</ac:parameter></ac:structured-macro>
\[Seacord 05b\] Seacord, R. "Managed String Library for C, C/C++." _Users Journal_ _23_, 10 (October 2005): 30-34.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f47ff02e1abf969a-20a4ec50-4ad24e37-992f99bf-a8295ca4985020df8c272f13"><ac:parameter ac:name="">Summit 95</ac:parameter></ac:structured-macro>
\[Summit 95\] Summit, Steve. _C Programming FAQs: Frequently Asked Questions_. Boston, MA: Addison-Wesley, 1995 (ISBN 0201845199).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f0c8d6737abecf1a-6e2f8013-46dc4956-b4acb69b-3c0151887aebccb2b0329b4f"><ac:parameter ac:name="">Summit 05</ac:parameter></ac:structured-macro>
\[Summit 05\] Summit, Steve. [_comp.lang.c Frequently Asked Questions_|http://c-faq.com/] (2005).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="966c3c576d52c741-11515be5-4b8d450a-948b9b70-f585442e9e4414686a9a04c3"><ac:parameter ac:name="">Viega 03</ac:parameter></ac:structured-macro>
\[Viega 03\] Viega, John & Messier, Matt. _Secure Programming Cookbook for C and C++: Recipes for Cryptography, Authentication, Networking, Input Validation & More_. Sebastopol, CA: O'Reilly, 2003 (ISBN 0-596-00394-3).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="fe4f630ffa865d36-9421633d-47524dcf-8ddc8133-f6572a526321545a91e067ca"><ac:parameter ac:name="">Warren 02</ac:parameter></ac:structured-macro>
\[Warren 02\] Warren, Henry S. _Hacker's Delight_. Boston, MA: Addison Wesley Professional. 2002 (ISBN 0201914654).