| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="7edf66720d6e0beb-5ad621d2-43a349d3-a15d959b-e61241f858d9a8a533b61e54"><ac:parameter ac:name="">Apple 06</ac:parameter></ac:structured-macro> \[Apple 2006\] Apple, Inc. [_Secure Coding Guide_|http://developer.apple.com/documentation/Security/Conceptual/SecureCodingGuide/SecureCodingGuide.pdf], May 2006. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="c1c8857183f2bb9f-cc237fe3-438448e2-b3088079-c7b9eb746d7346c113178bef"><ac:parameter ac:name="">Austin Group 08</ac:parameter></ac:structured-macro> \[Austin Group 2008\] "Draft Standard for Information Technology - Portable Operating System Interface (POSIX®) - Draft Technical Standard: Base Specifications, Issue 7," IEEE Unapproved Draft Std P1003.1 D5.1. Prepared by the [Austin Group|http://www.opengroup.org/austin/]. New York: Institute of Electrical & Electronics Engineers, Inc., May 2008. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="867413753530a53b-11e2329c-4b344670-826ea087-4eab9967057655902a969bf0"><ac:parameter ac:name="">Banahan 03</ac:parameter></ac:structured-macro> \[Banahan 2003\] Banahan, Mike. [_The C Book_|http://www.phy.duke.edu/~rgb/General/c_book/c_book/index.html], 2003. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ffd018b30d80c975-1259f3f2-42e24414-a19ba83f-ac49d355006f71d309d2dcd5"><ac:parameter ac:name="">Beebe 05</ac:parameter></ac:structured-macro> \[Beebe 2005\] Beebe, Nelson H. F. [Re: Remainder (%) operator and GCC|http://gcc.gnu.org/ml/gcc-help/2005-11/msg00141.html], 2005. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6ad0d481b387681c-b9f6ebbf-45684a67-acd3b85f-d6ca19668132a979479587ef"><ac:parameter ac:name="">Becker 08</ac:parameter></ac:structured-macro> \[Becker 2008\] Becker, Pete. [Working Draft, Standard for Programming Language C+\+|http://www.open-std.org/jtc1/sc22/wg21/docs/papers/2008/n2521.pdf], April 2008. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6528d2c5112f0825-15e23edf-4e334d36-9993a241-eafac10c2c078c514fb4d2a5"><ac:parameter ac:name="">Black 07</ac:parameter></ac:structured-macro> \[Black 2007\] Paul E. Black, Michael Kass, Michael Koo. Source Code Security Analysis Tool Functional Specification Version 1.0. Special Publication 500-268. Information Technology Laboratory (ITL), Software Diagnostics and Conformance Testing Division, May 2007. [http://samate.nist.gov/docs/source_code_security_analysis_spec_SP500-268.pdf] |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="c17987c5948620d2-6f9747a1-4d1a4d8d-811bbf50-eae0e554af40e5b4ad727dc3"><ac:parameter ac:name="">Brainbell.com</ac:parameter></ac:structured-macro> \[Brainbell.com\] Brainbell.com. [_Advice and Warnings for C Tutorials_|http://www.brainbell.com/tutors/c/Advice_and_Warnings_for_C/]. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="c4bf2b8824cf60f1-19725825-48104eb4-92b3b6bd-fb1f69830f750f3b0f9c4f9c"><ac:parameter ac:name="">Bryant 03</ac:parameter></ac:structured-macro> \[Bryant 2003\] Bryant, Randal E., & O'Halloran, David. _Computer Systems: A Programmer's Perspective_. Prentice Hall, 2003 (ISBN 0-13-034074-X). |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b3a939b909371820-37ab51a8-4a4f4274-a455a04b-fde07029bb3cbd83b4c4d529"><ac:parameter ac:name="">Burch 06</ac:parameter></ac:structured-macro> \[Burch 2006\] Burch, Hal, Long, Fred, & Seacord, Robert C. [_Specifications for Managed Strings_|http://www.sei.cmu.edu/publications/documents/06.reports/06tr006.html] (CMU/SEI-2006-TR-006). Pittsburgh, PA: Software Engineering Institute, Carnegie Mellon University, 2006. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="a9e582cc4e3fc912-b7b1fefc-4a774e28-b97eb8c6-8f170054fd4b4ad39fde5f13"><ac:parameter ac:name="">Butenhof 97</ac:parameter></ac:structured-macro> \[Butenhof 1997\] Butenhof, David R. [Programming with POSIX® Threads |http://www.informit.com/store/product.aspx?isbn=0201633922]. Addison-Wesley Professional, 1997. (ISBN 0-201-63392-2). |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f9d1fc4924862a7a-d46a6bfa-429344f3-ad88b288-8228fb2b17f547e0f74b1229"><ac:parameter ac:name="">Callaghan 95</ac:parameter></ac:structured-macro> \[Callaghan 1995\] Callaghan, B., Pawlowski, B., & Staubach, P. [IETF RFC 1813 NFS Version 3 Protocol Specification|http://www.ietf.org/rfc/rfc1813.txt], June 1995. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="3daad678b5b820ac-f4f81e4f-4b3d4f61-bd6195ba-3b0280d3429fd58d514a75e4"><ac:parameter ac:name="">CERT 06a</ac:parameter></ac:structured-macro> \[CERT 2006a\] CERT/CC. [CERT/CC Statistics 1988---2006|http://www.cert.org/stats/cert_stats.html]. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="adfca6dd05ab326c-27f33851-4c424bc9-a6289fe8-84c5a175cef5924b134d7cdf"><ac:parameter ac:name="">CERT 06b</ac:parameter></ac:structured-macro> \[CERT 2006b\] CERT/CC. US-CERT's [Technical Cyber Security Alerts|http://www.us-cert.gov/cas/techalerts/index.html]. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="019ecced9970f25c-92ba601c-4eb241e5-9db0af56-9172d69ae3bb23bd5e6032e5"><ac:parameter ac:name="">CERT 06c</ac:parameter></ac:structured-macro> \[CERT 2006c\] CERT/CC. [Secure Coding|http://www.cert.org/secure-coding/] web site. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="210ebbfc39a6ec47-5f4b80be-411e4c64-9aa5986e-fc023011f7357880f35c5c6e"><ac:parameter ac:name="">Chen 02</ac:parameter></ac:structured-macro> \[Chen 2002\] Chen, H., Wagner, D., & Dean, D. [Setuid Demystified|http://www.cs.berkeley.edu/~daw/papers/setuid-usenix02.pdf] USENIX Security Symposium, 2002. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="a33db835b52570dc-c1a8ad90-478344ce-95008d04-f276ea6c3126cfc43cf5a723"><ac:parameter ac:name="">Corfield 93</ac:parameter></ac:structured-macro> \[Corfield 1993\] Corfield, Sean A. "[Making String Literals 'const'|http://www.open-std.org/jtc1/sc22/wg21/docs/papers/1993/N0389.asc]," November 1993. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="cd6f14b46c5bbc26-1918aa08-4672425a-acc3b942-4ddaf31e208b623547d5c918"><ac:parameter ac:name="">Coverity 07</ac:parameter></ac:structured-macro> \[Coverity 2007\] Coverity Prevent User's Manual (3.3.0), 2007. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f0b6aa26834dd0f6-9a703f37-4a054f99-88c3a29b-212880522b54ba17b928b349"><ac:parameter ac:name="">CVE</ac:parameter></ac:structured-macro> \[CVE\] [Common Vulnerabilities and Exposures|http://cve.mitre.org/]. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="650977d2116beb42-666ae269-44154c54-b1ab85d3-9c5dfe183d0324d4e116f674"><ac:parameter ac:name="">CPPReference</ac:parameter></ac:structured-macro> \[C+\+ Reference\] [Standard C Library, General C\++, C++ Standard Template Library|http://www.cppreference.com/] |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="59b9675085096799-6c384ca9-474b49c1-854e8aec-93e459eecc2386206775e224"><ac:parameter ac:name="">Dewhurst 02</ac:parameter></ac:structured-macro> \[Dewhurst 2002\] Dewhurst, Stephen C. _C+\+ Gotchas: Avoiding Common Problems in Coding and Design_. Boston: Addison-Wesley Professional, 2002. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="2a51a431ca1c58f4-1410369f-403e43ab-8661885c-7c8c298b5c071958ae8b1967"><ac:parameter ac:name="">Dewhurst 05</ac:parameter></ac:structured-macro> \[Dewhurst 2005\] Dewhurst, Stephen C. _C+\+ Common Knowledge: Essential Intermediate Programming_. Boston, MA: Addison-Wesley Professional, 2005. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d1749d44bb03e502-ab93742c-41704db3-acdbb95a-4b1f90f82c9345419ada370d"><ac:parameter ac:name="">DHS 06</ac:parameter></ac:structured-macro> \[DHS 2006\] U.S. Department of Homeland Security. [Build Security In|https://buildsecurityin.us-cert.gov/]. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="8e1777c887720ec9-bffeba27-4ae04d77-8269ae7b-e10271ddcdb9a306f36798d7"><ac:parameter ac:name="">DISA 2008</ac:parameter></ac:structured-macro> \[DISA 2008\] DISA. [Application Security and Development Security Technical Implementation Guide, Version 2, Release 1|http://iase.disa.mil/stigs/stig/application_security_and_development_stig_v2r1_final_20080724.pdf]. July, 2008. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="229334bc50136bfc-bcf7e85b-4690476a-bc829c3e-780d53e6257831483ec02d0c"><ac:parameter ac:name=""> DOD 5220</ac:parameter></ac:structured-macro> \[DOD 5220\] U.S. Department of Defense. [DoD Standard 5220.22-M|http://security.ouhsc.edu/docs/policies/approved/DoD_5220.doc] (Word document). |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d4fb8c342d557e74-9926ac1d-4c8f4b2c-99bebbba-e9cf712452fa6bd745eb19f0"><ac:parameter ac:name="">Dowd 06</ac:parameter></ac:structured-macro> \[Dowd 2006\] Dowd, M., McDonald, J., & Schuh, J. _The Art of Software Security Assessment: Identifying and Preventing Software Vulnerabilities_. Boston: Addison-Wesley, 2006. See [http://taossa.com] for updates and errata. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="4d0e4243198eb2b9-5567456d-4bca4f2d-96f3af4c-b622b1789ccb397868b2ab16"><ac:parameter ac:name="">Drepper 06</ac:parameter></ac:structured-macro> \[Drepper 2006\] Drepper, Ulrich. [Defensive Programming for Red Hat Enterprise Linux (and What To Do If Something Goes Wrong)|http://people.redhat.com/drepper/defprogramming.pdf], May 3, 2006. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="06ef2f38d6d7c144-da016741-4bed40df-a671aac0-5bf62204f5abf3fe6e30179e"><ac:parameter ac:name="">Dutta 03</ac:parameter></ac:structured-macro> \[Dutta 2003\] Dutta, Shiv. [Best practices for programming in C|http://www.ibm.com/developerworks/aix/library/au-hook_duttaC.html], June 26, 2003. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="852faa8d797e89fb-c15cc117-48ce4cb3-9bb98556-4827cef6bf572cc12a90ab4d"><ac:parameter ac:name="">Eckel 07</ac:parameter></ac:structured-macro> \[Eckel 2007\] Eckel, Bruce. [_Thinking in C+\+ Volume 2_|http://bruce-eckel.developpez.com/livres/cpp/ticpp/v2/], January 25, 2007. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ef389ddc50af04b4-e451c771-41e644d1-acc499bf-584f5dcf9c3ea6fd3dbfa969"><ac:parameter ac:name="">ECTC 98</ac:parameter></ac:structured-macro> \[ECTC 1998\] Embedded C+\+ Technical Committee. [_The Embedded C+\+ Programming Guide Lines_|http://www.caravan.net/ec2plus/guide.html], Version WP-GU-003. January 6, 1998. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6bf67da699bc0d4d-62451462-4db949e3-a5d1ad87-0dc97e5bbadc49497b6ea0da"><ac:parameter ac:name="">Eide and Regehr</ac:parameter></ac:structured-macro> \[Eide and Regehr\] "[Volatiles are miscompiled, and what to do about it|http://portal.acm.org/citation.cfm?id=1450058.1450093]" Eide E., Regehr J. 2008. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="0488655771922933-2d69ad09-4d304ce1-a3e393f1-b453fa320dc579a0ebd9e98f"><ac:parameter ac:name="">Finlay 03</ac:parameter></ac:structured-macro> \[Finlay 2003\] Finlay, Ian A. CERT Advisory CA-2003-16, [Buffer Overflow in Microsoft RPC|http://www.cert.org/advisories/CA-2003-16.html]. CERT/CC, July 2003. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="fe3cce3c89241e81-c51ea5ce-4e3a4e3b-bc7d9960-717853c188d88015a5c33fb2"><ac:parameter ac:name="">Fisher 99</ac:parameter></ac:structured-macro> \[Fisher 1999\] Fisher, David & Lipson, Howard. "Emergent Algorithms - A New Method for Enhancing Survivability in Unbounded Systems." _Proceedings of the 32nd Annual Hawaii International Conference on System Sciences (HICSS-32)_. Maui, HI, January 5-8, 1999. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="4a8f8c140b4f6bd8-a472485c-4434439f-bc2c88da-76543d346784b9be65f32e91"><ac:parameter ac:name="">Flake 06</ac:parameter></ac:structured-macro> \[Flake 2006\] Flake, Halvar. "[Attacks on uninitialized local variables|http://www.blackhat.com/presentations/bh-europe-06/bh-eu-06-Flake.pdf]." Black Hat Federal 2006. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f8c61a2f74f5921a-60a2de86-4d454cd0-b1b08b3b-44ab532b65d77c8fa6acd255"><ac:parameter ac:name="">Fortify 06</ac:parameter></ac:structured-macro> \[Fortify 2006\] Fortify Software Inc. [Fortify Taxonomy: Software Security Errors|http://www.fortifysoftware.com/vulncat/], 2006. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="a9e2923fb8c44c66-0d727242-452b4786-82d1b885-8910869a778a2b6f25db3540"><ac:parameter ac:name="">FSF 05</ac:parameter></ac:structured-macro> \[FSF 2005\] Free Software Foundation. [GCC online documentation|http://gcc.gnu.org/onlinedocs], 2005. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ab20ea5ac27d9fac-14959d70-4813489f-8673ac3a-075aef94c9137aeb3db828d5"><ac:parameter ac:name="">Garfinkel 96</ac:parameter></ac:structured-macro> \[Garfinkel 1996\] Garfinkel, Simson & Spafford, Gene. _Practical UNIX & Internet Security_, 2nd Edition. Sebastopol, CA: O'Reilly Media, April 1996 (ISBN 1-56592-148-8). |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="3fc9e782-4879-453e-b41e-190e2a068b1d"><ac:parameter ac:name="">GNU 10</ac:parameter></ac:structured-macro> \[GNU 2010\] GNU. [Coding Standards|http://www.gnu.org/prep/standards/standards.html], GNU, 2010. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="9823e580cc7edea9-73c9faa9-4ebb4ba4-b1e0bfd8-f32f5af91b32b7a90f8ff328"><ac:parameter ac:name="">GNU Pth</ac:parameter></ac:structured-macro> \[GNU Pth\] Engelschall, Ralf S. [GNU Portable Threads|http://www.gnu.org/software/pth/], 2006. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e272068dbdbfe19d-fcb10b4e-4d1f40f0-916db36d-ee6c4c9a4e81181be96caad4"><ac:parameter ac:name="">Goldberg 91</ac:parameter></ac:structured-macro> \[Goldberg 1991\] Goldberg, David. [What Every Computer Scientist Should Know About Floating-Point Arithmetic|http://docs.sun.com/source/806-3568/ncg_goldberg.html]. Sun Microsystems, March 1991. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e1973d3b5211147e-ba69299a-4b114ad0-b552b4b0-8e53a402460c3518a0c551e0"><ac:parameter ac:name="">Goodin 2009</ac:parameter></ac:structured-macro> \[Goodin 2009\] Dan Goodin. [Clever attack exploits fully-patched Linux kernel|http://www.theregister.co.uk/2009/07/17/linux_kernel_exploit/] The Register. July 2009. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="5615414e1747099d-3dfc13db-49d3402b-9448bc5c-6616f83dac8ece0fc6873fd6"><ac:parameter ac:name="">Gough 2005</ac:parameter></ac:structured-macro> \[Gough 2005\] Gough, Brian J. [An Introduction to GCC|http://www.network-theory.co.uk/docs/gccintro/index.html]. Network Theory Ltd, Revised August 2005 (ISBN 0-9541617-9-3). |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ff9e81940af56f22-7b2de306-441e4b25-b0ef8ef4-ea18706405f1b0adc51b6d97"><ac:parameter ac:name="">Graf 03</ac:parameter></ac:structured-macro> \[Graff 2003\] Graff, Mark G. & Van Wyk, Kenneth R. _Secure Coding: Principles and Practices_. Cambridge, MA: O'Reilly, 2003 (ISBN 0596002424). |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="950a4112a86c1230-718f981c-41864f74-82c09ed0-9422f6798d7ba093bd28ca1c"><ac:parameter ac:name="">Greenman 97</ac:parameter></ac:structured-macro> \[Greenman 1997\] Greenman, David. [_serious security bug in wu-ftpd v2.4_|http://seclists.org/bugtraq/1997/Jan/0011.html]. BUGTRAQ Mailing List (bugtraq@securityfocus.com), January 2, 1997. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b36ce2f29e67f590-79c2e51a-4a724ac0-a16b8e9d-a426e82a2525793f15896246"><ac:parameter ac:name="">Griffiths 06</ac:parameter></ac:structured-macro> \[Griffiths 2006\] Griffiths, Andrew. "[Clutching at straws: When you can shift the stack pointer|http://felinemenace.org/papers/p63-0x0e_Shifting_the_Stack_Pointer.txt]." |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="700c55422ead8f4e-65504e43-4f644901-a888b7a9-84b32a35e58c0fa5fb801a2a"><ac:parameter ac:name="">Gutmann 96</ac:parameter></ac:structured-macro> \[Gutmann 1996\] Gutmann, Peter. [Secure Deletion of Data from Magnetic and Solid-State Memory|http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html], July 1996. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="44371118f719e9eb-7a8b800a-40b24ee9-8f67b5a5-2361478bf915e781fe0cacdb"><ac:parameter ac:name="">Haddad 05</ac:parameter></ac:structured-macro> \[Haddad 2005\] Haddad, Ibrahim. "Secure Coding in C and C++: An interview with Robert Seacord, senior vulnerability analyst at CERT." _Linux World Magazine_, November 2005. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="bdc2beef40314463-f4190f41-485c4060-8b45b171-ed1bc74a0c828aa2d9e9fb67"><ac:parameter ac:name="">Hatton 95</ac:parameter></ac:structured-macro> \[Hatton 1995\] Hatton, Les. _Safer C: Developing Software for High-Integrity and Safety-Critical Systems_. New York: McGraw-Hill Book Company, 1995 (ISBN 0-07-707640-0). |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="57f24ee5342ca234-a151bd7e-4c734dcd-a669a6ce-c1f7613f0e074898b642fae0"><ac:parameter ac:name="">Hatton 03</ac:parameter></ac:structured-macro> \[Hatton 2003\] Hatton, Les. [EC-: A measurement based safer subset of ISO C suitable for embedded system development|http://www.leshatton.org/Documents/ISOC_subset.pdf]. November 5, 2003. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="51503e6e1a8424f2-4b35c873-43bf48db-a1d09818-001ff70175332ed3f3d5f2c3"><ac:parameter ac:name="">Henricson 92</ac:parameter></ac:structured-macro> \[Henricson 1992\] Henricson, Mats, & Nyquist, Erik. [Programming in C++, Rules and Recommendations|http://www.doc.ic.ac.uk/lab/cplus/c++.rules/]. Ellemtel Telecommunication Systems Laboratories, 1992. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="95060efbb166dfe8-7498c87a-46884fab-aa428b1b-750130d22346606daf6ff711"><ac:parameter ac:name="">Horton 90</ac:parameter></ac:structured-macro> \[Horton 1990\] Horton, Mark R. _Portable C Software_. Upper Saddle River, NJ: Prentice-Hall, Inc., 1990 (ISBN:0-13-868050-7). |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="5d200044b1bf8c8f-8d22bd07-44924467-a578a3c9-19e3adf4895cb73eadb45b74"><ac:parameter ac:name="">Howard 02</ac:parameter></ac:structured-macro> \[Howard 2002\] Howard, Michael, & LeBlanc, David C. _[_Writing Secure Code, 2nd ed. Redmond, WA:_|http://www.microsoft.com/mspress/books/5957.aspx]_. Microsoft Press, December 2002. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="53d6bd9a33c28f3f-97627b45-4f0d4eea-bd8aafd4-d3d46cd242699883c86e8133"><ac:parameter ac:name="">HP 03</ac:parameter></ac:structured-macro> \[HP 2003\] [Tru64 UNIX: Protecting Your System Against File Name Spoofing Attacks|http://h30097.www3.hp.com/docs/wpapers/spoof_wp/symlink_external.pdf]. Houston, TX: Hewlett-Packard Company, January 2003. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f1c6f1b7290e258e-d1db7a3a-47264f7f-b7009655-239d3d12d99a3b541f4baaea"><ac:parameter ac:name="">IEC 60812 2006</ac:parameter></ac:structured-macro> \[IEC 60812 2006\] _Analysis techniques for system reliability - Procedure for failure mode and effects analysis (FMEA)_, 2nd ed. (IEC 60812). IEC, January 2006. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e3d87bdc8be79cf6-d9e8b5ff-4d304a48-ad718dfe-45f5e9fee818178edc77c45f"><ac:parameter ac:name="">IEC 61508 4</ac:parameter></ac:structured-macro> \[IEC 61508-4\] _Functional safety of electrical/electronic/programmable electronic safety-related systems - Part 4: Definitions and abbreviations_, 1998. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="109b26ab1b9e43bb-a216831b-47344c4b-8c8f8d19-f23147ad577a0d6e14afdbff"><ac:parameter ac:name="">IEEE Std 610.12 1990</ac:parameter></ac:structured-macro> \[IEEE Std 610.12 1990\] _IEEE Standard Glossary of Software Engineering Terminology_, September 1990. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="537335598d7d75f6-f18f863e-4ddb4eeb-bf6caa22-28c55636f593747114890511"><ac:parameter ac:name="">IEEE 754 2006</ac:parameter></ac:structured-macro> \[IEEE 754 2006\] IEEE. [_Standard for Binary Floating-Point Arithmetic_|http://grouper.ieee.org/groups/754/] (IEEE 754-1985), 2006. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="bc4898b7ed4071b2-217c95e6-4d1f444f-b5a9b9a8-3951c182b3eb4a2b95510c94"><ac:parameter ac:name="">IEEE Std 1003.1</ac:parameter></ac:structured-macro> <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="62b1e7d25e0922ad-a11f9c2d-487f430a-bfa297c0-eac23200b35cf1c59ce5b856"><ac:parameter ac:name="">IEEE Std 1003.1-2008</ac:parameter></ac:structured-macro> \[IEEE Std 1003.1-2008\] IEEE. [The Open Group Base Specifications Issue 7|http://www.opengroup.org/onlinepubs/9699919799] IEEE Std 1003.1, 2008 Edition. See also [#ISO/IEC 9945-2008] and [#Open Group 2008]. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="a7083e0bd7e57851-c75ec7b7-49b5480b-a925a24b-e955ef188e86be753bbdd1be"><ac:parameter ac:name="">IEEE Std 1003.1-2004</ac:parameter></ac:structured-macro> <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="cd659c2a8c35265b-ba326fb3-472d4c8d-ba4fbb95-e492971967d5cd28e0bf1c81"><ac:parameter ac:name="">ilja 06</ac:parameter></ac:structured-macro> \[IEEE Std 1003.1, 2004\] IEEE. [The Open Group Base Specifications Issue 6|http://www.opengroup.org/onlinepubs/009695399/] IEEE Std 1003.1, 2004 Edition. See also [#ISO/IEC 9945-2004] and [#Open Group 04]. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="756bc0435c019df8-f8691478-40324c71-ae53b695-8e5d05360d7cd05806651be9"><ac:parameter ac:name="">IEEE 1003</ac:parameter></ac:structured-macro> \[ilja 2006\] ilja. "[readlink abuse|http://blogs.23.nu/ilja/stories/12551/]." _ilja's blog_, August 13, 2006. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d4fcca0f3c794fdc-042da2c7-46224011-bbe5b936-2e008dc7e6fffa33e55ac958"><ac:parameter ac:name="">Intel 01</ac:parameter></ac:structured-macro> \[Intel 2001\] Intel Corp. [_Floating-Point IEEE Filter for Microsoft\* Windows\* 2000 on the Intel® Itanium⢠Architecture_|ftp://download.intel.com/software/opensource/libraries/ieee/ieee_filter_windows2000.pdf], March 2001. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="48495cbe77fa5117-9b9bbdac-4cc948d7-af8d9a43-184d579e7742dd5848632cc3"><ac:parameter ac:name="">Internet Society 00</ac:parameter></ac:structured-macro> \[Internet Society 2000\] The Internet Society. [Internet Security Glossary (RFC 2828)|ftp://ftp.rfc-editor.org/in-notes/rfc2828.txt], 2000. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="2f17054a45569dde-55981128-445540b8-8e5ab1ec-e3b55183712f024852039a9b"><ac:parameter ac:name="">ISO/IEC 646-1991</ac:parameter></ac:structured-macro> \[ISO/IEC 646:1991\] ISO/IEC. _Information technology: ISO 7-bit coded character set for information interchange_ (ISO/IEC 646-1991). Geneva, Switzerland: International Organization for Standardization, 1991. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d4ebefffa4340a06-94eb06fc-43b543c7-875da777-9196c3b8a3b6997453854d9a"><ac:parameter ac:name="">ISO/IEC 9945-2008</ac:parameter></ac:structured-macro> \[ISO/IEC 9945:2008\] _ISO/IEC 9945:2008 Information technology --- Programming languages, their environments and system software interfaces --- Portable Operating System Interface (POSIX ^®^)_. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="fbc18652ee670318-0216314d-47c54af8-a1b3af31-c4be4fd57d0ba9f8b45e69b8"><ac:parameter ac:name="">ISO/IEC 9945-2003</ac:parameter></ac:structured-macro> \[ISO/IEC 9945:2003\] _ISO/IEC 9945:2003 (including Technical Corrigendum 1), Information technology --- Programming languages, their environments and system software interfaces --- Portable Operating System Interface (POSIX®)_. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="bdf087d352f1caea-8faf5830-4c0940bc-b69baa71-bb85d0bf0a90c3fde9876b28"><ac:parameter ac:name="">ISO/IEC 9899-1999</ac:parameter></ac:structured-macro> \[ISO/IEC 9899:1999\] ISO/IEC. _Programming Languages---C, 2nd ed_ (ISO/IEC 9899:1999). Geneva, Switzerland: International Organization for Standardization, 1999. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="339424e005998256-f02517d0-40524284-b5ef98c0-24aa72659683b46091545cda"><ac:parameter ac:name="">ISO/IEC 10646-2003</ac:parameter></ac:structured-macro> \[ISO/IEC 10646:2003\] _Information technology - Universal Multiple-Octet Coded Character Set (UCS)_ (ISO/IEC 10646:2003). Geneva, Switzerland: International Organization for Standardization, 2003. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="626e862469dd033f-45390f69-42534291-a7a2aa91-636a24cd81ffaf699160320e"><ac:parameter ac:name="">ISO/IEC 14882-2003</ac:parameter></ac:structured-macro> \[ISO/IEC 14882:2003\] ISO/IEC. _Programming Languages --- C++, Second Edition_ (ISO/IEC 14882-2003). Geneva, Switzerland: International Organization for Standardization, 2003. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="52678196cfffc865-7b0bf867-4ab54b1e-b6fc9183-4dd6706b25da532d5a914c17"><ac:parameter ac:name="">ISO/IEC 23360-1-2006</ac:parameter></ac:structured-macro> \[ISO/IEC 23360-1:2006\] [_Linux Standard Base (LSB) core specification 3.1 - Part 1: Generic specification_|http://refspecs.freestandards.org/LSB_3.1.0/LSB-Core-generic/LSB-Core-generic.pdf] |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="dc802055ed9367ea-351dd368-40144061-81d998a2-623a5a8527106449ea21e9e0"><ac:parameter ac:name="">ISO/IEC 03</ac:parameter></ac:structured-macro> \[ISO/IEC 2003\] ISO/IEC. [_Rationale for International Standard --- Programming Languages --- C, Revision 5.10_|http://www.open-std.org/jtc1/sc22/wg14/www/C99RationaleV5.10.pdf]. Geneva, Switzerland: International Organization for Standardization, April 2003. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f9b96b52f8e34961-73edfeba-4b464702-9e2181d8-debc21a723dfb5880183c469"><ac:parameter ac:name="">ISO/IEC JTC1/SC22/WG11</ac:parameter></ac:structured-macro> \[ISO/IEC JTC1/SC22/WG11\] ISO/IEC. [_Binding Techniques_|http://www.open-std.org/JTC1/SC22/WG11/] (ISO/IEC JTC1/SC22/WG11), 2007. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="3ab00c6308015625-349b4df9-4e0741ce-9c08ba7f-d55fb630b42e546b388ba367"><ac:parameter ac:name="">ISO/IEC DTR 24732</ac:parameter></ac:structured-macro> \[ISO/IEC DTR 24732\] ISO/IEC JTC1 SC22 WG14 N1290. [Extension for the programming language C to support decimal floating-point arithmetic|http://www.open-std.org/jtc1/sc22/wg14/www/docs/n1290.pdf], March 2008. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e9a0abed848a1081-2fb2ce99-48964f5c-9f55a2f9-d22c900ebf6db37a9eac1a16"><ac:parameter ac:name="">ISO/IEC PDTR 24731-2-2007</ac:parameter></ac:structured-macro> \[ISO/IEC PDTR 24731-2\] [Extensions to the C Library, --- Part II: Dynamic Allocation Functions|http://www.open-std.org/jtc1/sc22/wg14/www/docs/n1248.pdf], August 2007. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ec8a6d12d1b9046e-cbfb01a8-4e01460d-a40881c6-ba45303708c138300d1235b4"><ac:parameter ac:name="">ISO/IEC DTR 24772</ac:parameter></ac:structured-macro> \[ISO/IEC DTR 24772\] ISO/IEC DTR 24772. _Information Technology_ --- _Programming Languages_ --- [_Guidance to Avoiding Vulnerabilities in Programming Languages through Language Selection and Use_|http://www.aitcnet.org/isai/_Mtg_13/22-WG23-N-0238/n0238.pdf], November 2009. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e2ae1a687b224257-d2efcd66-4375416f-81129d91-601b2e3e92d5b3d2ba69e71b"><ac:parameter ac:name="">ISO/IEC TR 24731-1-2007</ac:parameter></ac:structured-macro> \[ISO/IEC TR 24731-1:2007\] ISO/IEC TR 24731. _Extensions to the C Library, --- Part I: Bounds-checking interfaces_. Geneva, Switzerland: International Organization for Standardization, April 2006. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="0c2c67838a7cff9f-7e25422f-4c42470b-b705aa6a-2b23b6f767de3101e91e22c6"><ac:parameter ac:name="">Jack 07</ac:parameter></ac:structured-macro> \[Jack 2007\] Jack, Barnaby. [_Vector Rewrite Attack_|http://www.juniper.net/solutions/literature/white_papers/Vector-Rewrite-Attack.pdf], May 2007. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="535536739f50add2-96364474-45564f82-9476a4f9-be13bd2a85e9e780867d0beb"><ac:parameter ac:name="">Jones 04</ac:parameter></ac:structured-macro> \[Jones 2004\] Jones, Nigel. ["Learn a new trick with the offsetof() macro."|http://www.netrino.com/Articles/OffsetOf/index.php] _Embedded Systems Programming_, March 2004. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6a4751e53de74242-b3205f49-4ae64ff6-8c06a334-950ae0b231eb90f361d7f441"><ac:parameter ac:name="">Jones 08</ac:parameter></ac:structured-macro> \[Jones 2008\] Jones, Derek M. [The New C Standard: An economic and cultural commentary|http://www.knosof.co.uk/cbook/]. Knowledge Software Ltd., 2008. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="3151afc000c7e624-2377145a-4c1c45a9-9aefb622-4363f622f61ebac6ffec7fae"><ac:parameter ac:name="">Jones 09</ac:parameter></ac:structured-macro> \[Jones 2009\] Jones, Larry. [WG14 N1401 Committee Draft ISO/IEC 9899:201x|http://www.open-std.org/jtc1/sc22/wg14/www/docs/n1425.pdf]. November 24, 2009. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="289cf47c04eb1116-68a4d988-493b4d85-9b39ac11-c8881b7f5c4cb40cab0728a0"><ac:parameter ac:name="">Keaton 09</ac:parameter></ac:structured-macro> \[Keaton 2009\] David Keaton, Thomas Plum, Robert C. Seacord, David Svoboda, Alex Volkovitsky, Timothy Wilson. [As-if Infinitely Ranged Integer Model|http://www.sei.cmu.edu/publications/documents/09.reports/09tn023.html]. CMU/SEI-2009-TN-023. July, 2009. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="8c17ba454c4b34a7-e78298a5-40df4cae-a7d593a0-179e0b43e751d644a3205d9c"><ac:parameter ac:name="">Keil 08</ac:parameter></ac:structured-macro> \[Keil 2008\] Keil, an ARM Company. "[Floating Point Support|http://www.keil.com/support/man/docs/armlib/armlib_bihbjiea.htm]." _RealView Libraries and Floating Point Support Guide_, 2008. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="49c6eb4d7f48d75e-1f990ee7-433c404c-bdea8290-8c7e0c8f4c13c80be96ef683"><ac:parameter ac:name="">Kennaway 00</ac:parameter></ac:structured-macro> \[Kennaway 2000\] Kennaway, Kris. [Re: /tmp topic|http://lwn.net/2000/1221/a/sec-tmp.php3], December 2000. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b3bf8d7abf64dce0-73d94862-4d674b16-895cb6cd-1e464d49f270cbbfa5e503fa"><ac:parameter ac:name="">Kernighan 88</ac:parameter></ac:structured-macro> \[Kernighan 88\] Kernighan , Brian W., & Ritchie, Dennis M. _The C Programming Language, 2nd ed._ Englewood Cliffs, NJ: Prentice-Hall, 1988. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="0d5924c71f1beec7-c58af582-4a1b46fe-9abf85db-c5afb95889fc2b423571deb2"><ac:parameter ac:name="">Kernighan 147</ac:parameter></ac:structured-macro> \[Kernighan 147\] Kernighan , Brian W., & Ritchie, Dennis M. _The C Programming Language, 2nd ed._ Englewood Cliffs, NJ: Prentice-Hall, 1988. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e3098469f66178d6-89ba6226-418b4430-a7209c3e-df430fab3e98f09ff4d15595"><ac:parameter ac:name="">Kettle 02</ac:parameter></ac:structured-macro> \[Kettlewell 2002\] Kettlewell, Richard. [_C Language Gotchas_|http://www.greenend.org.uk/rjk/2001/02/cfu.html], February 2002. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="9549fd1ffe6bd69b-de61f64d-47e04dbf-84e1b0a3-d17aabbc4b06fc649c958346"><ac:parameter ac:name="">Kettle 03</ac:parameter></ac:structured-macro> \[Kettlewell 2003\] Kettlewell, Richard. [_Inline Functions In C_|http://www.greenend.org.uk/rjk/2003/03/inline.html], March 2003. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="337ac18736784b92-2f51c183-446f4d22-a0e49b22-5c303aa9ab3d945728345e4a"><ac:parameter ac:name="">Kirch-Prinz 02</ac:parameter></ac:structured-macro> \[Kirch-Prinz 2002\] Kirch-Prinz, Ulla & Prinz, Peter. _C Pocket Reference_. Sebastopol, CA: O'Reilly, November 2002 (ISBN: 0-596-00436-2). |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="51d4c40e7a744efc-15995877-4dd94c5e-8115b5f4-62e5accb7ebf9b4c75ea09cc"><ac:parameter ac:name="">Klarer 04</ac:parameter></ac:structured-macro> \[Klarer 2004\] Klarer, R., Maddock, J., Dawes, B. & Hinnant, H. "Proposal to Add Static Assertions to the Core Language (Revision 3)." ISO C+\+ committee paper ISO/IEC JTC1/SC22/WG21/N1720, October 2004. Available at [http://www.open-std.org/jtc1/sc22/wg21/docs/papers/2004/n1720.html]. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d7df9d051741e10d-f44e5fef-42164c54-8251bd62-971ffa67810ee62a73826718"><ac:parameter ac:name="">Klein 02</ac:parameter></ac:structured-macro> \[Klein 2002\] Klein, Jack. [_Bullet Proof Integer Input Using strtol()_|http://home.att.net/~jackklein/c/code/strtol.html], 2002. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="0f78b4dfdedc377d-f9202710-44b547de-b67894ca-897e2256762baac46ceaebdf"><ac:parameter ac:name="">Koenig 89</ac:parameter></ac:structured-macro> \[Koenig 1989\] Koenig, Andrew. _C Traps and Pitfalls_. Addison-Wesley Professional, January 1, 1989. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="4b007d34f913246c-66820602-4ac44cb5-92f5ade3-33aa43cb7eda8bba0c6940ac"><ac:parameter ac:name="">Kuhn 06</ac:parameter></ac:structured-macro> \[Kuhn 2006\] Kuhn, Markus. [_UTF-8 and Unicode FAQ for Unix/Linux_|http://www.cl.cam.ac.uk/~mgk25/unicode.html], 2006. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="a04964a0d1c71513-55a26c36-4f284092-8cd8b4c5-c52407f00902a1da31fc879d"><ac:parameter ac:name="">Lai 06</ac:parameter></ac:structured-macro> \[Lai 2006\] Lai, Ray. "[Reading Between the Lines|http://undeadly.org/cgi?action=article&sid=20061027031811]." _OpenBSD Journal_, October 2006. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="3bbe6e43213cddb5-b7bb7d08-4f8d44d8-a7ddb3dd-76344b97d8b4b64b5aaae10f"><ac:parameter ac:name="">Lewis 06</ac:parameter></ac:structured-macro> \[Lewis 2006\] Lewis, Richard. "[Security Considerations When Handling Sensitive Data|http://secureapps.blogspot.com/2006/10/security-considerations-when-handling.html]." Posted on the Application Security by Richard Lewis blog October 2006. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="7bcdf7af9e5b2609-48b133bb-4d2e4d84-bf03b0f8-97018acabd7a197732fd4931"><ac:parameter ac:name="">Linux 08</ac:parameter></ac:structured-macro> \[Linux 2008\] [Linux Programmer's Manual|http://www.kernel.org/doc/man-pages/online_pages.html], October 2008. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="02e6bd2f254440b8-ac67aabd-49184ad7-9a02b7e4-ac6c4d4abfb32734302967d0"><ac:parameter ac:name="">Lions 96</ac:parameter></ac:structured-macro> \[Lions 1996\] Lions, J. L. [ARIANE 5 Flight 501 Failure Report|http://en.wikisource.org/wiki/Ariane_501_Inquiry_Board_report]. Paris, France: European Space Agency (ESA) & National Center for Space Study (CNES) Inquiry Board, July 1996. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="52349007e3175208-ec4f2c4b-41d54153-8eb5b4ce-fee447b2d3cc46774707975f"><ac:parameter ac:name="">Lipson 00</ac:parameter></ac:structured-macro> \[Lipson 2000\] Lipson, Howard & Fisher, David. "Survivability: A New Technical and Business Perspective on Security," 33-39. _Proceedings of the 1999 New Security Paradigms Workshop_. Caledon Hills, Ontario, Canada, Sept. 22-24, 1999. New York: Association for Computing Machinery, 2000. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6c66117b8f2995d3-3fd534b3-4ca24115-bb038a38-db5fd5c8bf6ad0254a71d998"><ac:parameter ac:name="">Lipson 06</ac:parameter></ac:structured-macro> \[Lipson 2006\] Lipson, Howard. _Evolutionary Systems Design: Recognizing Changes in Security and Survivability Risks_ (CMU/SEI-2006-TN-027). Pittsburgh, PA: Software Engineering Institute, Carnegie Mellon University, 2006. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="9864d3aa6f5ab5b6-2a072236-4ed84241-8fd6bb82-62f0f827f1dda054e3588c38"><ac:parameter ac:name="">Lipson 2009</ac:parameter></ac:structured-macro> \[Liu 2009\] Likai Liu. [Making NULL-pointer reference legal|http://lifecs.likai.org/2009/01/making-null-pointer-reference-legal.html], Life of a Computer Science Student, January, 2009. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="c04d15ae6a8b1664-736c2a00-41fa4751-a4bf9be6-fa9ac46846c861ac390868a5"><ac:parameter ac:name="">Lockheed Martin 05</ac:parameter></ac:structured-macro> \[Lockheed Martin 2005\] Lockheed Martin. "[Joint Strike Fighter Air Vehicle C+\+ Coding Standards for the System Development and Demonstration Program.|http://www.research.att.com/~bs/JSF-AV-rules.pdf]" Document Number 2RDU00001 Rev C., December 2005. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="a303ed071f5ba5d3-b5937057-40a344cc-85d4ae12-a64c7f4fdd82fa7fb417453f"><ac:parameter ac:name="">Loosemore 07</ac:parameter></ac:structured-macro> \[Loosemore 2007\] Loosemore, Sandra, Stallman, Richard M., McGrath, Roland, Oram, Andrew, & Drepper, Ulrich. [The GNU C Library Reference Manual|http://www.gnu.org/software/libc/manual/], Edition 0.11, September 2007. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e8b29475a9df479c-cda8da1e-4c944c68-bf78a0be-9de8c27a4f357d088cab446c"><ac:parameter ac:name="">McCluskey 01</ac:parameter></ac:structured-macro> \[McCluskey 2001\] [_flexible array members and designators in C9X_|http://www.usenix.org/publications/login/2001-07/pdfs/mccluskey.pdf] ;login:, July 2001, Volume 26, Number 4, p. 29---32. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="59c7be82aa936fa1-71162e84-4a434cd6-8ec691d0-ceb80ec5f806a86d37faaf9d"><ac:parameter ac:name="">Mell 07</ac:parameter></ac:structured-macro> \[Mell 2007\] P. Mell, K. Scarfone, and S. Romanosky, "A Complete Guide to the Common Vulnerability Scoring System Version 2.0", FIRST, June 2007. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="3836a96f39cc2494-59921038-47ab4e47-b230a547-3e1db28d4fced48479b79d74"><ac:parameter ac:name="">mercy 06</ac:parameter></ac:structured-macro> \[mercy\] mercy. [_Exploiting Uninitialized Data_|http://www.felinemenace.org/papers/UBehavior.zip], January 2006. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b6a86b1eb9712425-b96f3616-4176442f-b1b9ab22-1b023166bdc6430aaf48f34a"><ac:parameter ac:name="">Meyers 2004</ac:parameter></ac:structured-macro> \[Meyers 2004\] Randy Meyers. [Limited size_t|http://www.open-std.org/jtc1/sc22/wg14/www/docs/n1080.pdf] WG14 N1080. September, 2004. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="1291ffee84c0f69d-9125524e-4e6d4ae5-a5c798bd-91b55027db1c4d170d7ea159"><ac:parameter ac:name="">Microsoft 03</ac:parameter></ac:structured-macro> \[Microsoft 2003\] Microsoft Security Bulletin MS03-026, "[Buffer Overrun In RPC Interface Could Allow Code Execution (823980)|http://www.microsoft.com/technet/security/bulletin/MS03-026.mspx]," September 2003. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="c7240201aa256955-3055ce13-46554725-bde78089-1bd3994f3d1332cf42c232ed"><ac:parameter ac:name="">Microsoft 07</ac:parameter></ac:structured-macro> \[Microsoft 2007\] [C Language Reference|http://msdn2.microsoft.com/en-us/library/fw5abdx6(VS.80).aspx], 2007. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="4e24b28d30ea5fe3-c4698ea1-4f354ed3-aadc8c31-364bc08fa9373e9c6be3697f"><ac:parameter ac:name="">Miller 99</ac:parameter></ac:structured-macro> \[Miller 1999\] Todd C. Miller and Theo de Raadt. strlcpy and strlcat - Consistent, Safe, String Copy and Concatenation. In Proceedings of the FREENIX Track, 1999 USENIX Annual Technical Conference. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="9d514e9bd12c5293-f9af7c75-4c4c47e9-bd1a9ec1-9ca35edabb0fcfb16b32136f"><ac:parameter ac:name="">Miller 04</ac:parameter></ac:structured-macro> \[Miller 2004\] Miller, Mark C., Reus, James F., Matzke, Robb P., Koziol, Quincey A., & Cheng, Albert P. "[Smart Libraries: Best SQE Practices for Libraries with an Emphasis on Scientific Computing|https://wci.llnl.gov/codes/smartlibs/UCRL-JRNL-208636.pdf]." _Proceedings of the Nuclear Explosives Code Developer's Conference_, December 2004. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e92028f2dd741d93-2b296c36-48084844-beaf9651-c1a27def2a902dd29b4e9d99"><ac:parameter ac:name="">MISRA 04</ac:parameter></ac:structured-macro> \[MISRA 2004\] MISRA Limited. "[MISRA C|http://www.misra.org.uk/]: 2004 Guidelines for the Use of the C Language in Critical Systems." Warwickshire, UK: MIRA Limited, October 2004 (ISBN 095241564X). |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="1532bf443bcec85d-05bdb943-447c49c7-bbf78a38-4612066ef751583c2fab9043"><ac:parameter ac:name="">MISRA 08</ac:parameter></ac:structured-macro> \[MISRA 2008\] MIRA Limited. "[MISRA C+\+|http://www.misra.org.uk/]: 2008 "Guidelines for the Use of the C+\+ Language in Critical Systems", ISBN 978-906400-03-3 (paperback), ISBN 978-906400-04-0 (PDF), June 2008. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="9eebad7424873e36-843a3402-44a349ad-9c76a32a-64a75b4c08ffabe150d5be43"><ac:parameter ac:name="">MIT 04</ac:parameter></ac:structured-macro> \[MIT 2004\] MIT. "[MIT krb5 Security Advisory 2004-002|hhttp://web.mit.edu/kerberos/advisories/MITKRB5-SA-2004-002-dblfree.txt], 2004. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="5862f63d38452f11-be000f77-416e4e10-8ab1bfe5-f62a6dd0f6bfe23643e3c487"><ac:parameter ac:name="">MIT 05</ac:parameter></ac:structured-macro> \[MIT 2005\] MIT. "[MIT krb5 Security Advisory 2005-003|http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2005-003-recvauth.txt], 2005. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="4b786f11179aeca1-d594c1c3-4ed24ab0-a326871d-ff1a4b1e28e5f229026cbc86"><ac:parameter ac:name="">MITRE</ac:parameter></ac:structured-macro> \[MITRE\] MITRE. [Common Weakness Enumeration, Version 1.8|http://cwe.mitre.org/], February 2010. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="8897d6c983c59d31-44a9f642-40884f32-a85b8812-41b459694411b307b12bc895"><ac:parameter ac:name="">MITRE 07</ac:parameter></ac:structured-macro> \[MITRE 2007\] MITRE. [Common Weakness Enumeration, Draft 9|http://cwe.mitre.org/], April 2008.\\ |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e9329a268be40e54-3f633629-4300473e-9c419754-670c7f77398f00bed375dc3e"><ac:parameter ac:name="">MKS</ac:parameter></ac:structured-macro> \[MKS\] MKS Inc. [MKS Reference Pages|http://www.mkssoftware.com/docs/api_index.asp/] |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e1ad0bfa5a083299-4fe907b3-403541c8-a81f8e30-a733cfff4180c59a9626eb07"><ac:parameter ac:name="">MSDN</ac:parameter></ac:structured-macro> \[MSDN\] [Microsoft Developer Network|http://msdn.microsoft.com/en-us/default.aspx]. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="9815bb0f75695e8c-e77d3dc6-4c23442f-8ffea2e0-e7618bafce7062ef914af273"><ac:parameter ac:name="">Murenin 07</ac:parameter></ac:structured-macro> \[Murenin 2007\] Murenin, Constantine A. "[cnst: 10-year-old pointer-arithmetic bug in make(1) is now gone, thanks to malloc.conf and some debugging|http://cnst.livejournal.com/24040.html]," June 2007. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="303aed6dc62080fd-5ded891d-48f44534-808d8b16-aeb53806d7b10d85407d1a5c"><ac:parameter ac:name="">NAI 98</ac:parameter></ac:structured-macro> \[NAI 1998\] Network Associates Inc. [Bugtraq: Network Associates Inc. Advisory (OpenBSD)|http://seclists.org/bugtraq/1998/Aug/0071.html], 1998. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="09d423e79065ee2e-9e9b1445-4dc94a27-ae2c9d27-d087b92e44bdf4c562dc3427"><ac:parameter ac:name="">NASA-GB-1740.13</ac:parameter></ac:structured-macro> \[NASA-GB-1740.13\] NASA Glenn Research Center, Office of Safety Assurance Technologies. [_NASA Software Safety Guidebook_|http://pbma.nasa.gov/docs/public/pbma/general/guidbook.doc] (NASA-GB-1740.13). |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="11327c897891bf78-bc4e0e70-4ec1438c-85469223-a008f5cf2565b4316f9d34ac"><ac:parameter ac:name="">NIST 06</ac:parameter></ac:structured-macro> \[NIST 2006\] NIST. [_SAMATE Reference Dataset_|http://samate.nist.gov/SRD/], 2006. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="bc90efba33a6104e-2da38baa-498a403f-9829b445-3f93d8fd6360a94352d7097f"><ac:parameter ac:name="">OpenBSD</ac:parameter></ac:structured-macro> \[OpenBSD\] Berkley Software Design, Inc. [Manual Pages|http://www.openbsd.org/cgi-bin/man.cgi], June 2008. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="4ad07616a9de0452-dee1f7b3-44a740d1-b6149f56-288d7b365418ce213f09e5c6"><ac:parameter ac:name="">POSIX.1-2008</ac:parameter></ac:structured-macro> <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="2a59237777db4e89-d181cdd0-42554332-960c86c4-d29fc3139f3e7ffad75dcaa5"><ac:parameter ac:name="">IEEE Std 1003.1-2008</ac:parameter></ac:structured-macro> <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="df118b2f7978d807-1e1895f6-46ad4b54-a4e6bbb1-f7e3af9e7825c298945aa7b3"><ac:parameter ac:name="">ISO/IEC 9945:2008</ac:parameter></ac:structured-macro> <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f79e3b8fced76407-6abbdda3-4d5349c7-843991cf-792162f44f2487d3b35d1e64"><ac:parameter ac:name="">Open Group 08</ac:parameter></ac:structured-macro>\[Open Group 08\] The Open Group. "[_The Open Group Base Specifications Issue 7, IEEE Std 1003.1, 2008 Edition_|http://www.opengroup.org/onlinepubs/9699919799/toc.htm]." (2008). See also [#IEEE Std 1003.1-2008]. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="abcc23b39be7440c-08e87cc9-4593476c-b2bd8d24-c658dcce9f7ba36680efb7ba"><ac:parameter ac:name="">Open Group 97a</ac:parameter></ac:structured-macro> \[Open Group 1997a\] The Open Group. [_The Single UNIX® Specification, Version 2_|http://www.opengroup.org/onlinepubs/7990989775/toc.htm], 1997. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="9b5336d42a0e8fc1-6b854761-4b104de0-9311a80a-b8c92d3e21e93c15ec636512"><ac:parameter ac:name="">Open Group 97b</ac:parameter></ac:structured-macro> \[Open Group 1997b\] The Open Group. [_Go Solo 2---The Authorized Guide to Version 2 of the Single UNIX Specification_|http://www.unix.org/whitepapers/64bit.html], May 1997. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="db7d3e9b4e0605e7-5d77b36d-4d9d4068-8a149ab7-624d6966aba34097da37e234"><ac:parameter ac:name="">POSIX.1-2004</ac:parameter></ac:structured-macro> <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="8e93bc08f1deb3d8-c9efd680-42064a1d-a3a482f9-ebb728828526e4083e1433d3"><ac:parameter ac:name="">IEEE Std 1003.1-2004</ac:parameter></ac:structured-macro> <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="c4823b7cf9bb570c-1de08b93-4e03410e-a8e8ba82-b38feea22c69993e775ce3dc"><ac:parameter ac:name="">ISO/IEC 9945:2003</ac:parameter></ac:structured-macro> <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="a60167abde9db5b7-fdf846c1-45a24b24-b4c8b80a-4beb6e67a77a4f862079094c"><ac:parameter ac:name="">Open Group 04</ac:parameter></ac:structured-macro>\[Open Group 2004\] The Open Group. "[_The Open Group Base Specifications Issue 6, IEEE Std 1003.1, 2004 Edition_|http://www.opengroup.org/onlinepubs/009695399/toc.htm]." (2004). See also [#IEEE Std 1003.1-2004]. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="7eac8b2a52ff9548-ad341846-4034406a-8a7297f8-472d789528bc53d3147a139c"><ac:parameter ac:name="">OWASP Double Free</ac:parameter></ac:structured-macro> \[OWASP Double Free\] Open Web Application Security Project, "[Double Free|http://www.owasp.org/index.php/Double_Free]." |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="9943f6876d9d8624-5ee93c66-4ba24934-82199a8e-01449055de79fad2273f0904"><ac:parameter ac:name="">OWASP Freed Memory</ac:parameter></ac:structured-macro> \[OWASP Freed Memory\] Open Web Application Security Project, "[Using freed memory|http://www.owasp.org/index.php/Using_freed_memory]." |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="da7976ef3a6ddc8d-dc75b041-4edb4838-a7fcaa0a-2660c46871317eed125de758"><ac:parameter ac:name="">Pethia 03</ac:parameter></ac:structured-macro> \[Pethia 2003\] Pethia, Richard D. "[Viruses and Worms: What Can We Do About Them?|http://www.cert.org/congressional_testimony/Pethia-Testimony-9-10-2003/]" September 10, 2003. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="bc77a44adc55ff9b-1ac44ff7-4d564d7c-b9f58c08-c29308dca4fffd62d28a4ef3"><ac:parameter ac:name="">Pfaff 04</ac:parameter></ac:structured-macro> \[Pfaff 2004\] Pfaff, Ken Thompson. "[Casting (time_t)(-1)|http://groups.google.com/group/comp.lang.c/browse_thread/thread/8983d8d729244f2b/ea0e2972775a1114?#ea0e2972775a1114]." _Google Groups comps.lang.c_, March 2, 2004. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e75ddd24b1f9b88f-7870dd09-466348c9-8353a83c-d0c556417674be8f270d0d8d"><ac:parameter ac:name="">Pike 93</ac:parameter></ac:structured-macro> \[Pike 1993\] Pike, Rob & Thompson, Ken. "Hello World." _Proceedings of the USENIX Winter 1993 Technical Conference_, San Diego, CA, January 25-\--29, 1993, pp. 43-\--50. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="cabf10fc3f976515-1a8fa4a6-455042f4-8492b01a-3453a2870889ed8d9b9d6d3a"><ac:parameter ac:name="">Plakosh 05</ac:parameter></ac:structured-macro> \[Plakosh 2005\] Plakosh, Dan. [_Consistent Memory Management Conventions_|https://buildsecurityin.us-cert.gov/daisy/bsi/articles/knowledge/coding/476.html], 2005. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="9e5a4c6cc9d8930c-c3cdcdd1-45ae4d04-8c91a5b3-2e2d9eeea9211354d55801b6"><ac:parameter ac:name="">Plum 85</ac:parameter></ac:structured-macro> \[Plum 1985\] Plum, Thomas. _Reliable Data Structures in C_. Kamuela, HI: Plum Hall, Inc., 1985 (ISBN 0-911537-04-X). |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="a4120601b9dc2456-4701200e-46e24fe8-a63cb0ac-2b8a0e5a452bed2f57166cd8"><ac:parameter ac:name="">Plum 89</ac:parameter></ac:structured-macro> \[Plum 1989\] Plum, Thomas, & Saks, Dan. _C Programming Guidelines, 2nd ed_. Kamuela, HI: Plum Hall, 1989 (ISBN 0911537074). |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="bc8915824666fdf4-f7703da3-4b854bde-9dd89b25-d19a9274e64eeaf2b439fea2"><ac:parameter ac:name="">Plum 91</ac:parameter></ac:structured-macro> \[Plum 1991\] Plum, Thomas. _C+\+ Programming_. Kamuela, HI: Plum Hall, 1991 (ISBN 0911537104). |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="48b01f2555decced-06f076fd-47024d4d-929995d1-3e4d0309d55c383e1152dfa8"><ac:parameter ac:name="">Plum 08</ac:parameter></ac:structured-macro> \[Plum 2008\] Plum, Thomas. Static Assertions. June, 2008. [http://www.open-std.org/jtc1/sc22/wg14/www/docs/n1330.pdf] |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="28e2afa620dda245-5f860518-47f64116-aa0b875c-203d7e9cf39c8ac30c9cea26"><ac:parameter ac:name="">Redwine 06</ac:parameter></ac:structured-macro> \[Redwine 2006\] Redwine, Samuel T., Jr., ed. _Secure Software Assurance: A Guide to the Common Body of Knowledge to Produce, Acquire, and Sustain Secure Software Version 1.1_. U.S. Department of Homeland Security, September 2006. See [Software Assurance Common Body of Knowledge|https://buildsecurityin.us-cert.gov/daisy/bsi/resources/dhs/95.html] on Build Security In. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="56269c398120b97d-652d50a4-4d8a4621-a894beb4-e023bcfd504bb88a169cbec9"><ac:parameter ac:name="">RUS-CERT</ac:parameter></ac:structured-macro> \[RUS-CERT\] RUS-CERT Advisory 2002-08:02, "[Flaw in calloc and similar routines|http://cert.uni-stuttgart.de/advisories/calloc.php]," 2002. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b081bc21104c06f4-418becb0-498b493f-8dd08a5d-3745bf4af7577c9b35c9f99e"><ac:parameter ac:name="">Saltzer 74</ac:parameter></ac:structured-macro> \[Saltzer 1974\] Saltzer, J. H. Protection and the Control of Information Sharing in Multics. _Communications of the ACM 17_, 7 (July 1974): 388---402. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="9d507d0eb53a1de2-b9ffad31-406f4d52-bac8b793-682803fa9f6b716c8e4acb46"><ac:parameter ac:name="">Saltzer 75</ac:parameter></ac:structured-macro> \[Saltzer 1975\] Saltzer, J. H., & Schroeder, M. D. "The Protection of Information in Computer Systems." _Proceedings of the IEEE 63_, 9 (September 1975): 1278-1308. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="7f74648a4daa5b55-7c5ff2f6-4e264360-adf7a10e-f0fc92d88fd283db09fb2e5b"><ac:parameter ac:name="">Saks 99</ac:parameter></ac:structured-macro> \[Saks 1999\] Saks, Dan. "[const T vs.T const|http://www.dansaks.com/articles/1999-02%20const%20T%20vs%20T%20const.pdf]." _Embedded Systems Programming_, February 1999, pp. 13-16. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="289298b1440d7b85-dd1281eb-4465489a-987786df-522518c0f54ce809adc3cd12"><ac:parameter ac:name="">Saks 00</ac:parameter></ac:structured-macro> \[Saks 2000\] Saks, Dan. "[Numeric Literals|http://www.embedded.com/2000/0009/0009pp.htm]." _Embedded Systems Programming_, September 2000. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="0f5268bbfb3caf5b-ddf3b8ab-4d20403b-bd538426-c951c100ab3739340038e31d"><ac:parameter ac:name="">Saks 01a</ac:parameter></ac:structured-macro> \[Saks 2001a\] Saks, Dan. "[Symbolic Constants|http://www.embedded.com/story/OEG20011016S0116]." _Embedded Systems Design_, November 2001. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6323e169de19ff55-7ab3be68-487e4f41-b7ed9722-91fca4e38328a5966ee1b078"><ac:parameter ac:name="">Saks 01b</ac:parameter></ac:structured-macro> \[Saks 2001b\] Saks, Dan. "[Enumeration Constants vs. Constant Objects|http://www.embedded.com/columns/programmingpointers/9900402]." _Embedded Systems Design_, November 2001. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="17e8e428fb8ccad2-c477f130-42784b8c-852caa3d-5a2d9ff039774d86bdc909f1"><ac:parameter ac:name="">Saks 02</ac:parameter></ac:structured-macro> \[Saks 2002\] Saks, Dan. "[Symbolic Constant Expressions|http://www.embedded.com/story/OEG20020124S0117]." _Embedded Systems Design_, February 2002. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="cb54e9fc4cec89da-9c711d01-4e8a414c-9b589b11-25c7acfc128a01229cf613e1"><ac:parameter ac:name="">Saks 05</ac:parameter></ac:structured-macro> \[Saks 2005\] Saks, Dan. "[Catching Errors Early with Compile-Time Assertions|http://www.embedded.com/columns/programmingpointers/164900888?_requestid=287187]." _Embedded Systems Design_, June 2005. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="960e216704bdb60c-2e2138be-435440ca-91089166-4704dd737da0330cafdf04bb"><ac:parameter ac:name="">Saks 07a</ac:parameter></ac:structured-macro> \[Saks 2007a\] Saks, Dan. "[Sequence Points|http://www.embedded.com/columns/programmingpointers/9900661?_requestid=481957]" _Embedded Systems Design_, July 1, 2002. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d4734b29b1ab9d2c-09ecf521-44ed4327-a78fae5a-29593709c48310dfb5685130"><ac:parameter ac:name="">Saks 07b</ac:parameter></ac:structured-macro> \[Saks 2007b\] Saks, Dan. [Bail, return, jump, or . . . throw?|http://www.embedded.com/columns/programmingpointers/197008821]. _Embedded Systems Design_, March 2007. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="a0d3255909146c74-65973e70-4b044e4d-bbf083e5-6879749c423891158a448f6e"><ac:parameter ac:name="">Saks 08</ac:parameter></ac:structured-macro> \[Saks 2008\] Saks, Dan, & Dewhurst, Stephen C. "Sooner Rather Than Later: Static Programming Techniques for C++" (presentation, March 2008). |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f74e90bf25921ba5-9d1b2aee-49d54b77-ad54b876-cb841c35a8158ff3e25ecd90"><ac:parameter ac:name="">Schwarz 05</ac:parameter></ac:structured-macro> \[Schwarz 2005\] Schwarz, B., Wagner, Hao Chen, Morrison, D., West, G., Lin, J., & Tu, J. Wei. "Model checking an entire Linux distribution for security violations." _Proceedings of the 21st Annual Computer Security Applications Conference_, December 2005 (ISSN 1063-9527; ISBN 0-7695-2461-3). |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="335452ce1b4943a1-5e3658c3-4f234e4b-bf20aecf-af2f6d75512961a8f9dfc4a0"><ac:parameter ac:name="">Seacord 03</ac:parameter></ac:structured-macro> \[Seacord 2003\] Seacord, Robert C., Plakosh, Daniel, & Lewis, Grace A. [_Modernizing Legacy Systems: Software Technologies, Engineering Processes, and Business Practices_|http://www.informit.com/store/product.aspx?isbn=0321118847]. Addison-Wesley, February 2003. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="8212f2a864104365-5c2217a3-44a74c1f-8a96b622-1e2736c4e65d2b7bf286bce5"><ac:parameter ac:name="">Seacord 05</ac:parameter></ac:structured-macro><ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="3a77d76e725d1d9f-bcdd1170-445c4761-a6cd883a-8f7585ca51390ba882e4261b"><ac:parameter ac:name="">Seacord 05a</ac:parameter></ac:structured-macro> \[Seacord 2005a\] Seacord, Robert C. _Secure Coding in C and C+\+_. Boston, MA: Addison-Wesley, 2005. See [http://www.cert.org/books/secure-coding] for news and errata. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="17e0b5c759c4727e-b180eb83-4f0444ac-843280e9-9259527bf05505753bcce22c"><ac:parameter ac:name="">Seacord 05b</ac:parameter></ac:structured-macro> \[Seacord 2005b\] Seacord, Robert C. "Managed String Library for C, C/C++." _Users Journal_ _23_, 10 (October 2005): 30---34. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e14fa0522a882805-c1e6939f-494642d0-b625844c-9e196dd41e780a03b195e9af"><ac:parameter ac:name="">Seacord 05c</ac:parameter></ac:structured-macro> \[Seacord 2005c\] Seacord, Robert C. [_Variadic Functions: How they contribute to security vulnerabilities and how to fix them_|http://www.cert.org/books/secure-coding/LWM%203-11%20%28Seacord%29.pdf]. _Linux World Magazine_, November 2005. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="30ca857d9138ea3a-c77f54e4-4e1f4733-b11ab0c9-8533faf3964371df1366f632"><ac:parameter ac:name="">Secunia</ac:parameter></ac:structured-macro> \[Secunia\] Secunia Advisory SA10635, "[HP-UX calloc Buffer Size Miscalculation Vulnerability|http://secunia.com/advisories/10635/]," 2004. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="550bbaa4838716de-b3e31148-4b794997-aebfab11-c9ceae32da4f532a0f471e30"><ac:parameter ac:name="">SecurityFocus 07</ac:parameter></ac:structured-macro> \[SecurityFocus 2007\] SecurityFocus. "[Linux Kernel Floating Point Exception Handler Local Denial of Service Vulnerability|http://www.securityfocus.com/bid/10538/discuss]," 2001. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="41d60eca0a2b395c-438f14df-49184ede-ac9abbf5-9e4df9d6d609a6b8a6e27006"><ac:parameter ac:name="">SecuriTeam 07</ac:parameter></ac:structured-macro> \[SecuriTeam 2007\] SecuriTeam. "[Microsoft Visual C+\+ 8.0 Standard Library Time Functions Invalid Assertion DoS (Problem 3000)|http://www.securiteam.com/windowsntfocus/5MP0D0UKKO.html]," February 13, 2007. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ef717f29303f40ee-ef6b6b6a-43be47dc-85e48124-6b08e06e0b6986116f401808"><ac:parameter ac:name="">Sloss 04</ac:parameter></ac:structured-macro> \[Sloss 2004\] Sloss, Andrew, Symes, Dominic, & Wright, Chris. [_ARM System Developer's Guide_|http://www.arm.com/documentation/books/4975.html]. San Francisco:Elsevier/Morgan Kauffman, 2004 (ISBN-10: 1558608745; ISBN-13: 978-1558608740). |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="bc007d67ab989074-acf3c18c-4b8f4e6c-a20ebfa0-ffb3264478604f76f77007b6"><ac:parameter ac:name="">Spinellis 06</ac:parameter></ac:structured-macro> \[Spinellis 2006\] Spinellis, Diomidis. [_Code Quality: The Open Source Perspective_|http://www.spinellis.gr/codequality]. Addison-Wesley, 2006. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="eef71b7a9150c5b4-96c2df40-4be042e8-ae29bb69-652466dbc5466aa4c4b4ad6f"><ac:parameter ac:name="">StackOvflw 09</ac:parameter></ac:structured-macro> \[StackOvflw 2009\] ["Should I return TRUE / FALSE values from a C function?"|http://stackoverflow.com/questions/559061/should-i-return-true-false-values-from-a-c-function] StackOverflow.com User Questions. March 15, 2010. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ad40b7fa54cba766-f19d6184-4bdc4c20-9432ab37-3054c3b27f4546c82c8869d1"><ac:parameter ac:name="">Steele 77</ac:parameter></ac:structured-macro> \[Steele 1977\] Steele, G. L. "[Arithmetic shifting considered harmful|http://doi.acm.org/10.1145/956641.956647]." _SIGPLAN Not._ 12, 11 (November 1977), 61-69. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e944dfcae1a9c61a-8c038795-45834d60-851bac60-5d25ee65717f02980535f8cd"><ac:parameter ac:name="">Summit 95</ac:parameter></ac:structured-macro> \[Summit 1995\] Summit, Steve. _C Programming FAQs: Frequently Asked Questions_. Boston, MA: Addison-Wesley, 1995 (ISBN 0201845199). |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ba01530aaff1c88e-4ab63e19-4a334169-a697b1ad-22edb549949b097d639ce94e"><ac:parameter ac:name="">Summit 05</ac:parameter></ac:structured-macro> \[Summit 2005\] Summit, Steve. [_comp.lang.c Frequently Asked Questions_|http://www.faqs.org/faqs/comp.lang.c/C-FAQ-list/?], 2005. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="48fcc180f3274eab-30286904-42f049c7-8ed69277-9704ca944166ccf9515daa6a"><ac:parameter ac:name="">Sun</ac:parameter></ac:structured-macro> \[Sun\] [Sun Security Bulletin #00122|http://sunsolve.sun.com/search/document.do?assetkey=1-22-00122-1], 1993. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="dc181c0ebd7a61fc-d0b118e0-43aa490e-af96bff7-906a56d3821d6d1aff22a348"><ac:parameter ac:name="">Sun 05</ac:parameter></ac:structured-macro> \[Sun 2005\] [C User's Guide|http://docs.sun.com/source/819-3688/]. 819-3688-10. Sun Microsystems, Inc., 2005. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d87e33b5b1145597-4eea7c63-4cad4afd-91eebe2e-07dbc6cf5af942445ab4c95f"><ac:parameter ac:name="">Sutter 04</ac:parameter></ac:structured-macro> \[Sutter 2004\] Sutter, Herb & Alexandrescu, Andrei. C+\+ Coding Standards: 101 Rules, Guidelines, and Best Practices. Boston, MA:Addison-Wesley Professional, 2004 (ISBN 0321113586). |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="1a47da758490d57b-0cbaf64b-4191447a-864fa1d7-59f6776e3bed54ac07d8a588"><ac:parameter ac:name="">Tsafrir 08</ac:parameter></ac:structured-macro> \[Tsafrir 2008\] Tsafrir, Dan, Da Silva, Dilma, & Wagner, David. [The Murky Issue of Changing Process Identity: Revising "Setuid Demystified"|http://www.eecs.berkeley.edu/~daw/papers/setuid-login08b.pdf] USENIX, June 2008, pages 55-66 |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="eb273b63f4050c05-18dd7d3d-473d4ee1-a5aa9757-4703d4bc3c962527b4b23596"><ac:parameter ac:name="">Unicode 06</ac:parameter></ac:structured-macro> \[Unicode 2006\] The Unicode Consortium. [The Unicode Standard|http://www.unicode.org/standard/standard.html], Version 5.0. Addison-Wesley Professional; 5th edition (November 3, 2006) ISBN: 0321480910. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="0c0bbf01e080bbd8-ff900ef3-4ba14646-ac85b4c9-6fc7a3c1d1360b47b4784e21"><ac:parameter ac:name="">van de Voort 07</ac:parameter></ac:structured-macro> \[van de Voort 2007\] van de Voort, Marco. [Development Tutorial (a.k.a Build FAQ)|http://www.stack.nl/~marcov/buildfaq.pdf], January 29, 2007. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="59a5e11d242a5c8f-ff192d52-4b64410f-8df297ee-0c8ad44096afa091a6a1eda4"><ac:parameter ac:name="">van Sprundel06</ac:parameter></ac:structured-macro> \[van Sprundel 2006\] van Sprundel, Ilja. [Unusualbugs|http://www.ruxcon.org.au/files/2006/unusual_bugs.pdf], 2006. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="a3b4f2d068f11d8a-21efd302-4e65445d-9197a071-7c0561942377cc5bac69e483"><ac:parameter ac:name="">Viega 01</ac:parameter></ac:structured-macro> \[Viega 2001\] Viega, John. [Protecting Sensitive Data in Memory|http://www.cgisecurity.com/lib/protecting-sensitive-data.html], February 2001. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="adbdec15708a24c3-90666814-46f54f30-9160907c-9d8a3eca41fd0253321ef8c5"><ac:parameter ac:name="">Viega 03</ac:parameter></ac:structured-macro> \[Viega 2003\] Viega, John, & Messier, Matt. _Secure Programming Cookbook for C and C++: Recipes for Cryptography, Authentication, Networking, Input Validation & More_. Sebastopol, CA: O'Reilly, 2003 (ISBN 0-596-00394-3). |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="3be102d904ab1f82-85901cee-423645f8-9dbaa365-e99d0293b3f52e9da92a129c"><ac:parameter ac:name="">Viega 05</ac:parameter></ac:structured-macro> \[Viega 2005\] Viega, John. [CLASP Reference Guide Volume 1.1.|http://www.securesoftware.com/process/] Secure Software, 2005. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b9f9bd8e44db8d81-8b1cc16a-452343ac-acc7ad42-4dcdd46f5f64ebe48a1ee1a4"><ac:parameter ac:name="">VU#159523</ac:parameter></ac:structured-macro> \[VU#159523\] Giobbi, Ryan. Vulnerability Note [VU#159523|http://www.kb.cert.org/vuls/id/159523], _Adobe Flash Player integer overflow vulnerability_, April 2008. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="454342dcd5e64da3-10764a6e-4e354bf7-94cbab11-00a44e16186a9244b745b19f"><ac:parameter ac:name="">VU#162289</ac:parameter></ac:structured-macro> \[VU#162289\] Dougherty, Chad. Vulnerability Note [VU#162289|http://www.kb.cert.org/vuls/id/162289], _gcc silently discards some wraparound checks_, April 2008. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="77db826d4ecba668-961b5f0d-4f1746df-8283bf53-9d0e2c2e524096655af9fc5f"><ac:parameter ac:name="">VU196240</ac:parameter></ac:structured-macro> \[VU#196240\] Taschner, Chris & Manion, Art. Vulnerability Note [VU#196240|http://www.kb.cert.org/vulnotes/id/196240], _Sourcefire Snort DCE/RPC preprocessor does not properly reassemble fragmented packets_, 2007. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e729c43fd58b0b51-9e512dba-4a334e71-aea5b7fe-41af12c5e18a6cd67ae06725"><ac:parameter ac:name="">VU286468</ac:parameter></ac:structured-macro> \[VU#286468\] Burch, Hal. Vulnerability Note [VU#286468|http://www.kb.cert.org/vulnotes/id/286468], _Ettercap contains a format string error in the "curses_msg()" function_, 2007. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b0d13aa29930dfdc-34ce343a-44874172-be1882e5-c5d9ee6dfcefccd21cec7c6f"><ac:parameter ac:name="">VU439395</ac:parameter></ac:structured-macro> \[VU#439395\] Lipson, Howard. Vulnerability Note [VU#439395|http://www.kb.cert.org/vuls/id/439395], _Apache web server performs case sensitive filtering on Mac OS X HFS\+ case insensitive filesystem,_ 2001. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="edc342b1d2edeb74-114daeb1-43b6450a-8947a3b7-53a4f6d927ddbee2af2dead7"><ac:parameter ac:name="">VU551436</ac:parameter></ac:structured-macro> \[VU#551436\] Giobbi, Ryan. Vulnerability Note [VU#551436|http://www.kb.cert.org/vulnotes/id/551436], _Mozilla Firefox SVG viewer vulnerable to buffer overflow,_ 2007. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="1747caf0300b40ef-13e5b5fe-4cb3442b-98af9d0e-a4487138367ed4afbe560274"><ac:parameter ac:name="">VU568148</ac:parameter></ac:structured-macro> \[VU#568148\] Finlay, Ian A. & Morda, Damon G. Vulnerability Note [VU#568148|http://www.kb.cert.org/vulnotes/id/568148], _Microsoft Windows RPC vulnerable to buffer overflow_, 2003. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="48f19677096acb56-13ab50d1-497d46bd-b9438368-793a2bd4aaa8a905bddd13cb"><ac:parameter ac:name="">VU623332</ac:parameter></ac:structured-macro> \[VU#623332\] Mead, Robert. Vulnerability Note [VU#623332|http://www.kb.cert.org/vuls/id/623332], _MIT Kerberos 5 contains double free vulnerability in "krb5_recvauth()" function,_ 2005. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="be137c3e2317ad8f-a24a9ee5-4dfe4217-86b3882c-abd0e4f621716ab07dc1a4b7"><ac:parameter ac:name="">VU649732</ac:parameter></ac:structured-macro> \[VU#649732\] Gennari, Jeff. Vulnerability Note [VU#649732|http://www.kb.cert.org/vulnotes/id/649732], _Samba AFS ACL Mapping VFS Plug-In Format String Vulnerability,_ 2007. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="cd7e0d79c76499ff-06d1bcb0-4e03441d-b41ebef7-ea975d3d04a12073d3deab4f"><ac:parameter ac:name="">VU654390</ac:parameter></ac:structured-macro> \[VU#654390\] Rafail, Jason A. Vulnerability Note [VU#654390|https://www.kb.cert.org/vulnotes/id/654390], _ISC DHCP contains C Includes that define vsnprintf() to vsprintf() creating potential buffer overflow conditions_, June 2004. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="4f88fe4660ee0a99-fd84705c-4d9c4193-96ea8747-bb569a4d24be1269570f94eb"><ac:parameter ac:name="">VU743092</ac:parameter></ac:structured-macro> \[VU#743092\] Rafail, Jason A. & Havrilla, Jeffrey S. Vulnerability Note [VU#743092|https://www.kb.cert.org/vulnotes/id/743092], _realpath(3) function contains off-by-one buffer overflow,_ July 2003. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="c5e8732aedae3ec0-d992273b-4c8b49e3-94ee96c7-3cdd953a3dcd0e32ec52368c"><ac:parameter ac:name="">VU834865</ac:parameter></ac:structured-macro> \[VU#834865\] Gennari, Jeff. Vulnerability Note [VU#834865|http://www.kb.cert.org/vuls/id/834865], _Sendmail signal I/O race condition_, March 2008. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="34e223be31c7ef28-3449d9bf-45594cbc-824d8bf6-1901c2b2f584f92a7dac70c7"><ac:parameter ac:name="">VU837857</ac:parameter></ac:structured-macro> \[VU#837857\] Dougherty, Chad. Vulnerability Note [VU#837857|http://www.kb.cert.org/vuls/id/837857], _SX.Org server fails to properly test for effective user ID_, August 2006. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="164bf954ab09782d-20d0994e-453a4217-825799b2-27a102076949eb9384e6848a"><ac:parameter ac:name="">VU881872</ac:parameter></ac:structured-macro> \[VU#881872\] Manion, Art & Taschner, Chris. Vulnerability Note [VU#881872|http://www.kb.cert.org/vulnotes/id/881872], _Sun Solaris telnet authentication bypass vulnerability,_ 2007. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="067edf24b5059c05-61e47789-4ea74006-90baa729-294421cbe8fa0b5560b9c884"><ac:parameter ac:name="">Warren 02</ac:parameter></ac:structured-macro> \[Warren 2002\] Warren, Henry S. [_Hacker's Delight_|http://www.hackersdelight.org/]. Boston, MA: Addison Wesley Professional, 2002 (ISBN 0201914654). |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="fbe243223eb813c5-54cdfa63-403f4d22-9ff391a7-16d7f7db87b755c1e6f48ce3"><ac:parameter ac:name="">WG14/N1396</ac:parameter></ac:structured-macro> \[WG14/N1396\] Thomas, J., Tydeman, F. "[Wide function return values|http://www.open-std.org/jtc1/sc22/wg14/www/docs/n1396.htm]", September 2009. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="fd29a701eb006aab-701b54c7-4c4241d7-823ebcd0-c7ac9ef0f5780247f6f30622"><ac:parameter ac:name="">Wheeler 03</ac:parameter></ac:structured-macro> \[Wheeler 2003\] Wheeler, David. [Secure Programming for Linux and Unix HOWTO, v3.010|http://www.dwheeler.com/secure-programs/Secure-Programs-HOWTO/], March 2003. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="dfa551182cd7e274-344f159c-4dec48de-a4698a69-36198008b1c696a8670fadb6"><ac:parameter ac:name="">Wheeler 04</ac:parameter></ac:structured-macro> \[Wheeler 2004\] Wheeler, David. [_Secure programmer: Call components safely_|http://www-128.ibm.com/developerworks/linux/library/l-calls.html]. December 2004. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="cb236261a74ef2cc-afad256a-4f314828-b5b79ee5-e182289bf99c1364bdae06fc"><ac:parameter ac:name="">Wojtczuk 08</ac:parameter></ac:structured-macro> \[Wojtczuk 2008\] Wojtczuk, Rafal. "[Analyzing the Linux Kernel vmsplice Exploit|http://www.avertlabs.com/research/blog/index.php/2008/02/13/analyzing-the-linux-kernel-vmsplice-exploit/]." McAfee Avert Labs Blog, February 13, 2008. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ccba01a678c848ba-c56c3763-482d40f6-85d2be51-dc10c75fec499928d0f0a0ab"><ac:parameter ac:name=""> xorl 2009</ac:parameter></ac:structured-macro> \[xorl 2009\] xorl. [xorl %eax, %eax|http://xorl.wordpress.com/]. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="88dcf35d73dddfce-92042ef0-41884aff-a4c0b408-27fcee023c4ca4ad3a7a68cf"><ac:parameter ac:name="">Yergeau 98</ac:parameter></ac:structured-macro> \[Yergeau 1998\] Yergeau, F. [RFC 2279 - UTF-8, a transformation format of ISO 10646|http://www.faqs.org/rfcs/rfc2279.html], January 1998. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="605a628fa1b946f9-7a8e7301-40134855-b70d8a12-a9ae0b9efa6e84215ed75616"><ac:parameter ac:name="">Zalewski 01</ac:parameter></ac:structured-macro> \[Zalewski 2001\] Zalewski, Michal. [_Delivering Signals for Fun and Profit: Understanding, exploiting and preventing signal-handling related vulnerabilities_|http://lcamtuf.coredump.cx/signals.txt], May 2001. |
...