SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 22

changes.mady.by.user Pamela Curtis

Saved on

compared with

New Version 23

changes.mady.by.user Pamela Curtis

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="37eba4f28efd20a6-435991fd-42fb4790-8df89db1-77cffd2846def50642eb44cf"><ac:parameter ac:name="">Burch 06</ac:parameter></ac:structured-macro>
\[Burch 06\] Hal Burch, Fred Long, Robert Seacord.  Specifications for Managed Strings. May 2006.  CMU/SEI-2006-TR-006.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="4911e829c33deb74-98e74ce0-49f54f06-b66fa7b3-085106d05424d2b37b9a1f31"><ac:parameter ac:name="">CERT 06</ac:parameter></ac:structured-macro>
\[CERT 06\] CERT. [Managed String Library|http://www.cert.org/secure-coding/managedstring.html] (2006).

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6b4e89e9f31b0dad-db6cd3d4-45664c2e-981c84d5-ec963b4c354f183a37b02308"><ac:parameter ac:name="">Graf 03</ac:parameter></ac:structured-macro>
\[Graf 03\] Secure Coding: Principles and Practices. O'Reilly, July 2003. ISBN 0596002424.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="590ab202ea76b654-cfa27f04-4eb942e3-b4dca706-aa660d98725fbdf868663b9c"><ac:parameter ac:name="">Haddad 05</ac:parameter></ac:structured-macro>
\[Haddad 05\] Haddad, Ibrahim. "Secure Coding in C and C++: An interview with Robert Seacord, senior vulnerability analyst at CERT." _Linux World Magazine_, November, 2005.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="db0efa1195f2466d-c5a50fbc-4df0407a-aab99c47-7a4fda621f452b8b6573dcbc"><ac:parameter ac:name="">Hatton 94</ac:parameter></ac:structured-macro>
\[Hatton 04\] Safer C: Developing Software for High-integrity and Safety-critical Systems. McGraw-Hill Book Company. ISBN 0-07-707640-0.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="7d61c5350dcfe202-4a7585c9-4817455d-b9cea790-ae974769cf3294a93da01a61"><ac:parameter ac:name="">ilja 06</ac:parameter></ac:structured-macro>
\[ilja 06\] ilja. "[readlink abuse|http://blogs.23.nu/ilja/stories/12551/]." _ilja's blog_, August 13, 2006.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="c64cb642a5cb186d-1d888305-4c1a407d-bb629e18-162d4b671093188490600d9c"><ac:parameter ac:name="">ISO/IEC 9899-1999</ac:parameter></ac:structured-macro>
\[ISO/IEC 9899-1999\] ISO/IEC 9899-1999. Programming Languages --- C, Second Edition, 1999.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="4e8cf39e50f9e4b1-7a3d0556-43b649c6-bf8b8b22-c06585dbde1e05af783606fd"><ac:parameter ac:name="">ISO/IEC TR 24731-2006</ac:parameter></ac:structured-macro>
\[ISO/IEC TR 24731-2006\] ISO/IEC TR 24731. Extensions to the C Library, --- Part I: Bounds-checking interfaces. April, 2006.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="361f1b400b28316f-ae88748e-49504c53-adb8bff8-d101d5fb0e0eaf0cef4da395"><ac:parameter ac:name="">Kerrighan 88</ac:parameter></ac:structured-macro>
\[Kerrighan 88\] Kerrighan B. W., and D. M. Ritchie. The C Programming Language. 2nd ed. Englewood Cliffs, NJ: Prentice-Hall, 1988.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="27bfb550cf413413-9ccc7ab6-4f144fb7-8e97b395-7f60bd9d33861849360c9d69"><ac:parameter ac:name="">Klein 02</ac:parameter></ac:structured-macro>
\[Klein 02\] Klein, Jack. _Bullet Proof Integer Input Using strtol()_. [http://home.att.net/~jackklein/c/code/strtol.html] (2002).

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="380572c74dc13388-f302a438-4e114a11-9d08a9bb-78f5966b788584513a80f2f5"><ac:parameter ac:name="">mercy</ac:parameter></ac:structured-macro>
\[mercy\] mercy. _Exploiting Uninitialized Data_. [http://www.felinemenace.org/papers/UBehavior.zip] (January 2006).

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="587c0cf66dbc1f48-715c8963-48314dd4-950fabf0-1c62d22c506eaa2d2a2004e7"><ac:parameter ac:name="">MISRA 04</ac:parameter></ac:structured-macro>
\[MISRA 04\] MISRA C: 2004 Guidelines for the use of the C language in critical systems. MIRA Limited. Warwickshire, UK. October 2004. ISBN 0 9524156 4

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="2ed1bb52ffe844f6-0cfac4ba-4147430c-9d339795-6b82b7f2a55652d41c656d98"><ac:parameter ac:name="">NASA-GB-1740.13</ac:parameter></ac:structured-macro>
\[NASA-GB-1740.13\] NASA-GB-1740.13. NASA Guidebook for Safety Critical Software Analysis and Development. [http://pbma.nasa.gov/docs/public/pbma/general/guidbook.doc]

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="4d9020ff3fe7776d-46fa4f58-4ba449d6-8f9783fe-b74cf510c0980c4460e608f9"><ac:parameter ac:name="">NIST 06</ac:parameter></ac:structured-macro>
\[NIST 06\] NIST. SAMATE Reference Dataset (SRD).See [http://samate.nist.gov/SRD/srdFiles/]

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b2c45204eb6ab022-b2e89f52-45964376-807a84c8-1304dbb0cfd32437735240dd"><ac:parameter ac:name="">Open Group 97</ac:parameter></ac:structured-macro>
\[Open Group 97\] The Open Group. _[_The Single UNIX ® Specification, Version 2_|http://www.opengroup.org/pubs/online/7908799/xsh/readlink.html]_ (1997).

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="107a8ccc00955ab0-c3bb28e5-40784138-9311a13a-70eb47b510271ea95ebcb701"><ac:parameter ac:name="">Open Group 04a</ac:parameter></ac:structured-macro>
\[Open Group 04a\] The Open Group. "[readlink|http://www.opengroup.org/onlinepubs/000095399/functions/readlink.html]." _The Open Group Base Specifications Issue 6, IEEE Std 1003.1, 2004 Edition_ (2004).

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b687763ea1d5e8d0-adc0afd7-41c244f9-9929-627ac438a1c8"><ac:parameter ac:name="">Open Group 04b</ac:parameter></ac:structured-macro>
\[Open Group 04b\] The Open Group. "[realpath|http://www.opengroup.org/onlinepubs/009695399/functions/realpath.html]." The Open Group Base Specifications Issue 6, IEEE Std 1003.1, 2004 Edition_ (2004).

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="69482b83-cb8a-479e-b7d8-d75c0cf35949873a-0e2e76ac2e05"><ac:parameter ac:name="">Plum 89</ac:parameter></ac:structured-macro>
\[Plum 89\] Plum, Thomas. C Programming Guidelines. Plum Hall; 2nd edition (June 1989). ISBN: 0911537074.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="66cb9937d05c4a8b-27132f60-42c64ce3-97d78166-772e85eba6c30bae5a371129"><ac:parameter ac:name="">Plum 91</ac:parameter></ac:structured-macro>
\[Plum 91\] Thomas Plum, Dan Saks. C+\+ Programming Guidelines. Plum Hall (November 1991). ISBN: 0911537104

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="33b2e39ad770ded6-d488eeb9-439c444a-acad803a-cd62e9154ac266a3d2388d03"><ac:parameter ac:name="">Seacord 05</ac:parameter></ac:structured-macro> <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="132468118cdccde2-295c0687-4acc4947-b098bf3d-bb2ea1203f0c9dd52f5fed68"><ac:parameter ac:name="">Seacord 05a</ac:parameter></ac:structured-macro>
\[Seacord 05a\] Seacord, R. Secure Coding in C and C++. Addison-Wesley, 2005. See [http://www.cert.org/books/secure-coding] for news and errata.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="a71f85291b1523c6-f2af7cf8-4d864055-b839a44b-eb4fe7f6f303106a0261da5d"><ac:parameter ac:name="">Seacord 05b</ac:parameter></ac:structured-macro>
\[Seacord 05b\] Seacord, R. Managed String Library for C. C/C+\+ Users Journal. Vol. 23, No. 10. Pages 30-34. October 2005.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6e2735d8d0f0bfa6-b1169a56-485a4edf-816ca133-24a59f4f8bec9f1ac888063c"><ac:parameter ac:name="">Summit 95</ac:parameter></ac:structured-macro>
\[Summit 95\] Summit, Steve. _C Programming FAQs: Frequently Asked Questions_. Boston, MA: Addison-Wesley, 1995 (ISBN 0201845199).

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="63f6b2955bba1073-9f0d2b03-46f34304-bebd863e-48fbd0a868c9872a2597c7b0"><ac:parameter ac:name="">Summit 05</ac:parameter></ac:structured-macro>
\[Summit 05\] Summit, Steve. _comp.lang.c Frequently Asked Questions_. [http://c-faq.com/] (2005).

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="4d4f6275c8906dd6-f8fad90c-40474dbe-a499ad04-ad30acc3394eba069071e4c0"><ac:parameter ac:name="">Viega 03</ac:parameter></ac:structured-macro>
\[Viega 03\] Viega, John & Messier, Matt. _Secure Programming Cookbook for C and C++: Recipes for Cryptography, Authentication, Networking, Input Validation & More_. Sebastopol, CA: O'Reilly, 2003 (ISBN 0-596-00394-3).

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="7d8ab285b6438e7f-b6d49a4f-4c2c4d71-947ebf13-e896018a4423e15b12a388e6"><ac:parameter ac:name="">Warren 02</ac:parameter></ac:structured-macro>
\[Warren 02\] Henry S. Warren. Hacker's Delight. Addison Wesley Professional. July, 2002. ISBN: 0201914654.