SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 418

changes.mady.by.user Will Snavely

Saved on

compared with

New Version 419

changes.mady.by.user Sandy Shrum

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Anchor
Black 07
Black 07

[Black 2007] Black, Paul E., ; Kass, Michael, ; & Koo, Michael. Source Code Security Analysis Tool Functional Specification Version 1.0. Special Publication 500-268. Information Technology Laboratory (ITL), Software Diagnostics and Conformance Testing Division, May 2007. http://samate.nist.gov/docs/source_code_security_analysis_spec_SP500-268.pdf.

Anchor
Brainbell.com
Brainbell.com

[Brainbell.com] Brainbell.com. Advice and Warnings for C Tutorials.

Anchor
Bryant 03
Bryant 03

[Bryant 2003] Bryant, Randal E. , & O'Halloran, David. Computer Systems: A Programmer's Perspective. Upper Saddle River, NJ: Prentice Hall, 2003 (ISBN 0-13-034074-X).

Anchor
Burch 06
Burch 06

[Burch 2006] Burch, Hal, ; Long, Fred, ; & Seacord, Robert C. Specifications for Managed Strings (CMU/SEI-2006-TR-006). Pittsburgh, PA: Software Engineering Institute, Carnegie Mellon University, 2006.

...

Anchor
C99 2003
C99 2003

[C99 Rationale 2003] Rationale for International Standard—Programming Languages—C, Revision 5.10 (C99 Rationale), April 2003. http://www.open-std.org/jtc1/sc22/wg14/www/C99RationaleV5.10.pdf.

Anchor
Callaghan 95
Callaghan 95

[Callaghan 1995] Callaghan, B., ; Pawlowski, B., ; & Staubach, P. IETF RFC 1813 NFS Version 3 Protocol Specification, June 1995.

...

Anchor
Chen 02
Chen 02

[Chen 2002]  Chen, H., ; Wagner, D., ; & Dean, D. Setuid Demystified. USENIX Security Symposium, 2002.

...

Anchor
DISA 2008
DISA 2008

[DISA 20082015] DISA. Application Security and Development Security Technical Implementation Guide, Version 2, Release 1. July 2008Accessed April 2015.

Anchor
DOD 5220
DOD 5220

[DOD 5220] U.S. Department of Defense. DoD Standard 5220.22-M (Word document).

Anchor
Dowd 06
Dowd 06

[Dowd 2006] Dowd, M., ; McDonald, J., ; & Schuh, J. The Art of Software Security Assessment: Identifying and Preventing Software Vulnerabilities. Boston: Addison-Wesley, 2006. See http://taossa.com for updates and errata.

...

Anchor
Feather 97
Feather 97

[Feather 1997] Feather, Clive, D. W. Solving the struct Hack Problem. JTC1/SC22/WG14 N791. http://www.open-std.org/jtc1/sc22/wg14/www/docs/n791.htm (1997).

Anchor
Finlay 03
Finlay 03

[Finlay 2003] Finlay, Ian A. CERT Advisory CA-2003-16, Buffer Overflow in Microsoft RPC. CERT/CC, July 2003.

Anchor
Fisher 99
Fisher 99

[Fisher 1999] Fisher, David, David & Lipson, Howard. "Emergent Algorithms—A New Method for Enhancing Survivability in Unbounded Systems." Proceedings of the 32nd Annual Hawaii International Conference on System Sciences (HICSS-32). Maui, HI, January 5–8, 1999.

...

Anchor
Garfinkel 96
Garfinkel 96

[Garfinkel 1996] Garfinkel, Simson, Simson & Spafford, Gene. Practical UNIX & Internet Security, 2nd ed. Sebastopol, CA: O'Reilly Media, April 1996 (ISBN 1-56592-148-8).

Anchor
GCC Bugs
GCC Bugs

[GCC Bugs] GCC Team. GCC Bugs. Copyright © Free Software Foundation, Inc. http://gcc.gnu.org/bugs/#nonbugs_c (n.d.).

Anchor
GNU 10
GNU 10

[GNU 2010] GNU. Coding Standards. GNU, 2010.

...

Anchor
Goodin 2009
Goodin 2009

[Goodin 2009] Goodin, Dan Goodin. Clever Attack Exploits Fully-Patched Linux Kernel. The Register, July 2009.

Anchor
Gough 2005
Gough 2005

[Gough 2005] Gough, Brian J. An Introduction to GCC. Network Theory Ltd., Revised August 2005 (ISBN 0-9541617-9-3).

Anchor
Graf 03
Graf 03

[Graff 2003] Graff, Mark G. , & Van Wyk, Kenneth R. Secure Coding: Principles and Practices. Cambridge, MA: O'Reilly, 2003 (ISBN 0596002424).

...

Anchor
Henricson 92
Henricson 92

[Henricson 1992] Henricson, Mats , & Nyquist, Erik. Programming in C++, Rules and Recommendations. Ellemtel Telecommunication Systems Laboratories, 1992.

...

Anchor
Howard 02
Howard 02

[Howard 2002] Howard, Michael , & LeBlanc, David C. Writing Secure Code, 2nd ed. Redmond, WA: Microsoft Press, 2002.

Anchor
HP 03
HP 03

[HP 2003] Hewlett-Packard Company. Tru64 UNIX: Protecting Your System against File Name Spoofing Attacks. Houston, TX: Hewlett-Packard Company, January 2003.

...

Anchor
IEEE Std 610.12 1990
IEEE Std 610.12 1990

[IEEE Std 610.12 1990] IEEE. IEEE Standard Glossary of Software Engineering Terminology. http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=159342  (1990).

Anchor
IEEE Std 1003.1-2004
IEEE Std 1003.1-2004

[IEEE Std 1003.1:2004] IEEE and The Open Group. The Open Group Base Specifications Issue 6 (IEEE Std 1003.1), 2004 Edition. (See also ISO/IEC 9945-2004 and Open Group 04.)

Anchor
IEEE Std 1003.1
IEEE Std 1003.1
Anchor
IEEE Std 1003.1-2008
IEEE Std 1003.1-2008

[IEEE Std 1003.1:2008] IEEE and The Open Group. The Open Group Base Specifications Issue 7 (IEEE Std 1003.1), 2008 Edition. See also ISO/IEC 9945-2008 and Open Group 2008.

...