| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="17b827e3c5a6747b-497568bc-4084492c-9658a61d-904f21dc72aadb62a6186c5a"><ac:parameter ac:name="">Apple 06</ac:parameter></ac:structured-macro> \[Apple 06\] Apple, Inc. [_Secure Coding Guide_|http://developer.apple.com/documentation/Security/Conceptual/SecureCodingGuide/SecureCodingGuide.pdf], May 2006. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b495db8639f997e1-922846b3-4de2496f-87a293e5-0ce174d000a52ec69907e15e"><ac:parameter ac:name="">Austin Group 08</ac:parameter></ac:structured-macro> \[Austin Group 08\] "Draft Standard for Information Technology - Portable Operating System Interface (POSIX®) - Draft Technical Standard: Base Specifications, Issue 7," IEEE Unapproved Draft Std P1003.1 D5.1. Prepared by the [Austin Group|http://www.opengroup.org/austin/]. New York: Institute of Electrical & Electronics Engineers, Inc., May 2008. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="db575b0a51d4e5cf-9bee3f6f-499347cb-8ed7a082-bfdfe7d92fe82c93dcbe3a0e"><ac:parameter ac:name="">Banahan 03</ac:parameter></ac:structured-macro> \[Banahan 03\] Banahan, Mike. [_The C Book_|http://www.phy.duke.edu/~rgb/General/c_book/c_book/index.html], 2003. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d863b12b0d9f2eb8-f4158862-4e374aa7-a3e49767-0c83515dd52791610a9a3ec0"><ac:parameter ac:name="">Beebe 05</ac:parameter></ac:structured-macro> \[Beebe 05\] Beebe, Nelson H. F. [Re: Remainder (%) operator and GCC|http://gcc.gnu.org/ml/gcc-help/2005-11/msg00141.html], 2005. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="3bf2658a2c16d2d1-3a059fef-4e3d4dd4-85c8b6f1-d89c6aaa0c81b0c81c4de4f7"><ac:parameter ac:name="">Becker 08</ac:parameter></ac:structured-macro> \[Becker 08\] Becker, Pete. [Working Draft, Standard for Programming Language C+\+|http://www.open-std.org/jtc1/sc22/wg21/docs/papers/2008/n2521.pdf], April 2008. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="fad825514441c067-c0cdf8fe-44b0426d-9104a8a5-d3d20abccfa742102c796ac8"><ac:parameter ac:name="">Black 07</ac:parameter></ac:structured-macro> \[Black 07\] Paul E. Black, Michael Kass, Michael Koo. Source Code Security Analysis Tool Functional Specification Version 1.0. Special Publication 500-268. Information Technology Laboratory (ITL), Software Diagnostics and Conformance Testing Division, May 2007. [http://samate.nist.gov/docs/source_code_security_analysis_spec_SP500-268.pdf] |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="74c4ee0107835e70-e4451404-4ba140f8-8a95b3f5-f20fd57a01e94f12c54a0c65"><ac:parameter ac:name="">Brainbell.com</ac:parameter></ac:structured-macro> \[Brainbell.com\] Brainbell.com. [_Advice and Warnings for C Tutorials_|http://www.brainbell.com/tutors/c/Advice_and_Warnings_for_C/]. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="a0d936f1b1c23990-8fae94f6-4ae84667-9acd9753-03cb3b954c4c53d16717f89f"><ac:parameter ac:name="">Bryant 03</ac:parameter></ac:structured-macro> \[Bryant 03\] Bryant, Randal E., & O'Halloran, David. _Computer Systems: A Programmer's Perspective_. Prentice Hall, 2003 (ISBN 0-13-034074-X). |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="3199b1dd23556c89-bc440aad-48e445e1-a2f19fae-74963879f58ffa1b5c269fc5"><ac:parameter ac:name="">Burch 06</ac:parameter></ac:structured-macro> \[Burch 06\] Burch, Hal, Long, Fred, & Seacord, Robert C. [_Specifications for Managed Strings_|http://www.sei.cmu.edu/publications/documents/06.reports/06tr006.html] (CMU/SEI-2006-TR-006). Pittsburgh, PA: Software Engineering Institute, Carnegie Mellon University, 2006. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="607181bdb4c1a631-5f7aae2b-4678483f-90fcb887-e6cbc1861a6fb2e954924f62"><ac:parameter ac:name="">Butenhof 97</ac:parameter></ac:structured-macro> \[Butenhof 97\] Butenhof, David R. [Programming with POSIX® Threads |http://www.informit.com/store/product.aspx?isbn=0201633922]. Addison-Wesley Professional, 1997. (ISBN 0-201-63392-2). |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="534da9bf4cefd023-169ccf1f-4fb94821-9f949215-3f9b23fb7587c2b8b42d2bb2"><ac:parameter ac:name="">Callaghan 95</ac:parameter></ac:structured-macro> \[Callaghan 95\] Callaghan, B., Pawlowski, B., & Staubach, P. [IETF RFC 1813 NFS Version 3 Protocol Specification|http://www.ietf.org/rfc/rfc1813.txt], June 1995. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6fb6baa8c81bab18-382c08c4-4b5b402b-982d8938-c578b03dc03674e9cf2e57cc"><ac:parameter ac:name="">CERT 06a</ac:parameter></ac:structured-macro> \[CERT 06a\] CERT/CC. [CERT/CC Statistics 1988---2006|http://www.cert.org/stats/cert_stats.html]. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="0bd585757c1abb15-a6b71ea6-446246e1-b210a70d-e3ad292dd51083df63f66a59"><ac:parameter ac:name="">CERT 06b</ac:parameter></ac:structured-macro> \[CERT 06b\] CERT/CC. US-CERT's [Technical Cyber Security Alerts|http://www.us-cert.gov/cas/techalerts/index.html]. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="824c1b1ea4d8eab4-e345cd26-49ad4a23-862a8711-509ac08c0c603e90931dc6d1"><ac:parameter ac:name="">CERT 06c</ac:parameter></ac:structured-macro> \[CERT 06c\] CERT/CC. [Secure Coding|http://www.cert.org/secure-coding/] web site. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="be67c0e5f83d055b-1d8fc836-4da34456-abb69887-bc6a6db099e4aa9078621dca"><ac:parameter ac:name="">Chen 02</ac:parameter></ac:structured-macro> \[Chen 02\] Chen, H., Wagner, D., & Dean, D. [Setuid Demystified|http://www.cs.berkeley.edu/~daw/papers/setuid-usenix02.pdf] USENIX Security Symposium, 2002. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6e69a0ef5844ea16-d81f1ea0-4f4f4859-83bc91ac-4ccfdce43d63ac93b5e32167"><ac:parameter ac:name="">Corfield 93</ac:parameter></ac:structured-macro> \[Corfield 93\] Corfield, Sean A. "[Making String Literals 'const'|http://www.open-std.org/jtc1/sc22/wg21/docs/papers/1993/N0389.asc]," November 1993. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="a6184ac1ead8e145-f6372364-4c844c74-a09fa99a-986cd4b93f42182d35001789"><ac:parameter ac:name="">Coverity 07</ac:parameter></ac:structured-macro> \[Coverity 07\] Coverity Prevent User's Manual (3.3.0), 2007. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="07871e6161ccce40-7790ead9-41bd4ed2-87d7ac5c-a7e0c8a89b52c5ecd8e6d389"><ac:parameter ac:name="">CVE</ac:parameter></ac:structured-macro> \[CVE\] [Common Vulnerabilities and Exposures|http://cve.mitre.org/]. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f15292ebd0870d8f-88e6d9df-40bd4693-a3afb68f-0a6018e922b46adc74839ee3"><ac:parameter ac:name="">CPPReference</ac:parameter></ac:structured-macro> \[C+\+ Reference\] [Standard C Library, General C\++, C++ Standard Template Library|http://www.cppreference.com/] |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="fdaeb185b09aa73f-af51a1b8-4658437d-8e7c898a-3de673aabd671145b8b360f5"><ac:parameter ac:name="">Dewhurst 02</ac:parameter></ac:structured-macro> \[Dewhurst 02\] Dewhurst, Stephen C. _C+\+ Gotchas: Avoiding Common Problems in Coding and Design_. Boston: Addison-Wesley Professional, 2002. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="32ed8c5946455517-42ced8b0-48bd476e-b9dca4ff-946497074eade2a5bc173c37"><ac:parameter ac:name="">Dewhurst 05</ac:parameter></ac:structured-macro> \[Dewhurst 05\] Dewhurst, Stephen C. _C+\+ Common Knowledge: Essential Intermediate Programming_. Boston, MA: Addison-Wesley Professional, 2005. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="30091c28f2975868-ae317f8a-47b343d6-9c309cf8-6fe248479e971c6f17ea62cb"><ac:parameter ac:name="">DHS 06</ac:parameter></ac:structured-macro> \[DHS 06\] U.S. Department of Homeland Security. [Build Security In|https://buildsecurityin.us-cert.gov/]. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="4273884ce2de821c-6f0c73d6-4cfc4a01-a8d4a78c-b123688c986f83db03d7fbdc"><ac:parameter ac:name="">DISA 2008</ac:parameter></ac:structured-macro> \[DISA 2008\] DISA. [Application Security and Development Security Technical Implementation Guide, Version 2, Release 1|http://iase.disa.mil/stigs/stig/application_security_and_development_stig_v2r1_final_20080724.pdf]. July, 2008. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="fbcffef0c2637e44-763e87ac-4ded4d56-bc349924-ddd2a3e9fe6b9e32618b8e7e"><ac:parameter ac:name=""> DOD 5220</ac:parameter></ac:structured-macro> \[DOD 5220\] U.S. Department of Defense. [DoD Standard 5220.22-M|http://security.ouhsc.edu/docs/policies/approved/DoD_5220.doc] (Word document). |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e7ed07bea3e1a59a-517c3703-41024346-99b994e7-3840b5bab7c0884d212814c6"><ac:parameter ac:name="">Dowd 06</ac:parameter></ac:structured-macro> \[Dowd 06\] Dowd, M., McDonald, J., & Schuh, J. _The Art of Software Security Assessment: Identifying and Preventing Software Vulnerabilities_. Boston: Addison-Wesley, 2006. See [http://taossa.com] for updates and errata. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ca7b403b5078bd8d-813458c3-48614324-adf2a4cb-aeb94441a453ca437695c501"><ac:parameter ac:name="">Drepper 06</ac:parameter></ac:structured-macro> \[Drepper 06\] Drepper, Ulrich. [Defensive Programming for Red Hat Enterprise Linux (and What To Do If Something Goes Wrong)|http://people.redhat.com/drepper/defprogramming.pdf], May 3, 2006. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d9ee86832eeaa0f1-cf5f2dbc-47af4697-901e97b2-3d5614ef107d19f098a393c3"><ac:parameter ac:name="">Dutta 03</ac:parameter></ac:structured-macro> \[Dutta 03\] Dutta, Shiv. [Best practices for programming in C|http://www.ibm.com/developerworks/aix/library/au-hook_duttaC.html], June 26, 2003. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="92dd96d3b2ddd92c-ea32838b-4a5e4114-86bd9f94-30f1a0ac7e690411a915cd32"><ac:parameter ac:name="">Eckel 07</ac:parameter></ac:structured-macro> \[Eckel 07\] Eckel, Bruce. [_Thinking in C+\+ Volume 2_|http://bruce-eckel.developpez.com/livres/cpp/ticpp/v2/], January 25, 2007. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b72ea60666710909-b4951027-40f54276-a84d83a0-2d26ffac8635f10c18f50164"><ac:parameter ac:name="">ECTC 98</ac:parameter></ac:structured-macro> \[ECTC 98\] Embedded C+\+ Technical Committee. [_The Embedded C+\+ Programming Guide Lines_|http://www.caravan.net/ec2plus/guide.html], Version WP-GU-003. January 6, 1998. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="2a1a72cdaca09396-ffbba460-48794696-9e1283b4-19732ca576e8adc18daea2dc"><ac:parameter ac:name="">Eide and Regehr</ac:parameter></ac:structured-macro> \[Eide and Regehr\] "[Volatiles are miscompiled, and what to do about it|http://portal.acm.org/citation.cfm?id=1450058.1450093]" Eide E., Regehr J. 2008. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="bd2eadd4e26e93a3-4fc22eb3-4b02492f-9533bf9c-bcabd3d4d8f2c0dfc207cca0"><ac:parameter ac:name="">Finlay 03</ac:parameter></ac:structured-macro> \[Finlay 03\] Finlay, Ian A. CERT Advisory CA-2003-16, [Buffer Overflow in Microsoft RPC|http://www.cert.org/advisories/CA-2003-16.html]. CERT/CC, July 2003. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="150e5de24c264e02-74af8727-45a94e5b-acd398e3-5725a102b835754df13ce7aa"><ac:parameter ac:name="">Fisher 99</ac:parameter></ac:structured-macro> \[Fisher 99\] Fisher, David & Lipson, Howard. "Emergent Algorithms - A New Method for Enhancing Survivability in Unbounded Systems." _Proceedings of the 32nd Annual Hawaii International Conference on System Sciences (HICSS-32)_. Maui, HI, January 5-8, 1999. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="fad795d428350177-95419da9-48b342c8-9fb4b3f6-c63cb530689487591a18d9f9"><ac:parameter ac:name="">Flake 06</ac:parameter></ac:structured-macro> \[Flake 06\] Flake, Halvar. "[Attacks on uninitialized local variables|http://www.blackhat.com/presentations/bh-europe-06/bh-eu-06-Flake.pdf]." Black Hat Federal 2006. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="47044b4c2433b029-d572f261-45ec4669-921b822a-0685c321c00a1c5795d71c0b"><ac:parameter ac:name="">Fortify 06</ac:parameter></ac:structured-macro> \[Fortify 06\] Fortify Software Inc. [Fortify Taxonomy: Software Security Errors|http://www.fortifysoftware.com/vulncat/], 2006. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="782adc1214254dd6-29dd1c09-44264a24-b9deb801-42c99ba441be39232e4d1f41"><ac:parameter ac:name="">FSF 05</ac:parameter></ac:structured-macro> \[FSF 05\] Free Software Foundation. [GCC online documentation|http://gcc.gnu.org/onlinedocs], 2005. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="7e23843cecdeb6f3-b9ba360f-4a424ce4-975cb222-e02d35359440d456b4cf2309"><ac:parameter ac:name="">Garfinkel 96</ac:parameter></ac:structured-macro> \[Garfinkel 96\] Garfinkel, Simson & Spafford, Gene. _Practical UNIX & Internet Security_, 2nd Edition. Sebastopol, CA: O'Reilly Media, April 1996 (ISBN 1-56592-148-8). |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="0e5ae6479f275b14-e75db4d1-44ee4a05-b4b99a21-0a4b039d3a14239bac4dbce5"><ac:parameter ac:name="">GNU Pth</ac:parameter></ac:structured-macro> \[GNU Pth\] Engelschall, Ralf S. [GNU Portable Threads|http://www.gnu.org/software/pth/], 2006. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d0b59c723a7cd283-52580696-4a884eaf-b95a9ea0-35d3391182451543ba6132a1"><ac:parameter ac:name="">Goldberg 91</ac:parameter></ac:structured-macro> \[Goldberg 91\] Goldberg, David. [What Every Computer Scientist Should Know About Floating-Point Arithmetic|http://docs.sun.com/source/806-3568/ncg_goldberg.html]. Sun Microsystems, March 1991. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b256aab9e49cbbac-c04da54f-405247fd-8dbcaf79-d524862d1d382e7a2e3fc335"><ac:parameter ac:name="">Goodin 2009</ac:parameter></ac:structured-macro> \[Goodin 2009\] Dan Goodin. [Clever attack exploits fully-patched Linux kernel|http://www.theregister.co.uk/2009/07/17/linux_kernel_exploit/] The Register. July 2009. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6966a1604e7c90a2-1a86c2cd-444b443f-bd40a8c4-5c021682e27118a22805701d"><ac:parameter ac:name="">Gough 2005</ac:parameter></ac:structured-macro> \[Gough 2005\] Gough, Brian J. [An Introduction to GCC|http://www.network-theory.co.uk/docs/gccintro/index.html]. Network Theory Ltd, Revised August 2005 (ISBN 0-9541617-9-3). |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="cfc5eeef040cdb13-42e95fc7-4ca54422-9fd096ad-55a23a7aee7608804dde16d7"><ac:parameter ac:name="">Graf 03</ac:parameter></ac:structured-macro> \[Graff 032003\] Graff, Mark G. & Van Wyk, Kenneth R. _Secure Coding: Principles and Practices_. Cambridge, MA: O'Reilly, 2003 (ISBN 0596002424). |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f940922d23abeb03-a4ad34b5-41144864-8c4abe49-ef545b676a2bb77e4f615a85"><ac:parameter ac:name="">Greenman 97</ac:parameter></ac:structured-macro> \[Greenman 971997\] Greenman, David. [_serious security bug in wu-ftpd v2.4_|http://seclists.org/bugtraq/1997/Jan/0011.html]. BUGTRAQ Mailing List (bugtraq@securityfocus.com), January 2, 1997. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="0f83904adaaf1c0c-fb275a0a-43f04661-99c4811d-243797a9f35fd33f98d670a2"><ac:parameter ac:name="">Griffiths 06</ac:parameter></ac:structured-macro> \[Griffiths 062006\] Griffiths, Andrew. "[Clutching at straws: When you can shift the stack pointer|http://felinemenace.org/papers/p63-0x0e_Shifting_the_Stack_Pointer.txt]." |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b3dc04ef66a4d66e-89b6d9e3-45b84d8f-bc00a3e3-9362b64a3b2eb5eb4fecd529"><ac:parameter ac:name="">Gutmann 96</ac:parameter></ac:structured-macro> \[Gutmann 961996\] Gutmann, Peter. [Secure Deletion of Data from Magnetic and Solid-State Memory|http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html], July 1996. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="11a24f5250ba5645-7d59ec1b-4d834937-80ffa0f1-369fdd66421f94d64758a2b2"><ac:parameter ac:name="">Haddad 05</ac:parameter></ac:structured-macro> \[Haddad 052005\] Haddad, Ibrahim. "Secure Coding in C and C++: An interview with Robert Seacord, senior vulnerability analyst at CERT." _Linux World Magazine_, November 2005. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6a14066badeb9168-5bfaa42d-4c6f4942-87948859-556ec49f8ec0d0483521052d"><ac:parameter ac:name="">Hatton 95</ac:parameter></ac:structured-macro> \[Hatton 951995\] Hatton, Les. _Safer C: Developing Software for High-Integrity and Safety-Critical Systems_. New York: McGraw-Hill Book Company, 1995 (ISBN 0-07-707640-0). |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="4b3162ff84efdb55-3b4f426c-4c6a4ebf-ae9f82cd-0568b2e9c3408b6ab932773f"><ac:parameter ac:name="">Hatton 03</ac:parameter></ac:structured-macro> \[Hatton 032003\] Hatton, Les. [EC-: A measurement based safer subset of ISO C suitable for embedded system development|http://www.leshatton.org/Documents/ISOC_subset.pdf]. November 5, 2003. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="da8c8a12b60061f5-7920c16c-464643cf-abe9a333-43c444747133232b1dcda033"><ac:parameter ac:name="">Henricson 92</ac:parameter></ac:structured-macro> \[Henricson 921992\] Henricson, Mats, & Nyquist, Erik. [Programming in C++, Rules and Recommendations|http://www.doc.ic.ac.uk/lab/cplus/c++.rules/]. Ellemtel Telecommunication Systems Laboratories, 1992. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="894881d688ece64b-cf727054-46fd4f1c-b60ebe93-0d28a6d785cdb74757c3c2e6"><ac:parameter ac:name="">Horton 90</ac:parameter></ac:structured-macro> \[Horton 901990\] Horton, Mark R. _Portable C Software_. Upper Saddle River, NJ: Prentice-Hall, Inc., 1990 (ISBN:0-13-868050-7). |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="9c1ee3a0ef883e20-9b1b0a2a-4bcf4c5f-83f59699-5874f9341423c2746dfeff29"><ac:parameter ac:name="">Howard 02</ac:parameter></ac:structured-macro> \[Howard 022002\] Howard, Michael, & LeBlanc, David C. _[_Writing Secure Code, 2nd ed. Redmond, WA:_|http://www.microsoft.com/mspress/books/5957.aspx]_. Microsoft Press, December 2002. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="963a5d6017df431a-a90e34a6-47dd4ddf-89418625-0da5eb694e668e10e4056903"><ac:parameter ac:name="">HP 03</ac:parameter></ac:structured-macro> \[HP 032003\] [Tru64 UNIX: Protecting Your System Against File Name Spoofing Attacks|http://h30097.www3.hp.com/docs/wpapers/spoof_wp/symlink_external.pdf]. Houston, TX: Hewlett-Packard Company, January 2003. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="1d3ef69e1b973d7c-083fce1a-49814275-b15ca17c-7d186193c61af9e9d1b33f5f"><ac:parameter ac:name="">IEC 60812 2006</ac:parameter></ac:structured-macro> \[IEC 60812 2006\] _Analysis techniques for system reliability - Procedure for failure mode and effects analysis (FMEA)_, 2nd ed. (IEC 60812). IEC, January 2006. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="15ddeac93be0e4e3-4392fd7b-461043f4-ad2e8145-f8e5f7146c7b6a15b8a50c5e"><ac:parameter ac:name="">IEC 61508 4</ac:parameter></ac:structured-macro> \[IEC 61508-4\] _Functional safety of electrical/electronic/programmable electronic safety-related systems - Part 4: Definitions and abbreviations_, 1998. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="8ef60a5bdd1085e6-77480133-4c0d4586-90f28d83-38adf06e7c871c484db057a8"><ac:parameter ac:name="">IEEE Std 610.12 1990</ac:parameter></ac:structured-macro> \[IEEE Std 610.12 1990\] _IEEE Standard Glossary of Software Engineering Terminology_, September 1990. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="a3b7ca70e48568a8-602a07aa-49fc47df-bf198945-3735d329551609c6e8a910ee"><ac:parameter ac:name="">IEEE 754 2006</ac:parameter></ac:structured-macro> \[IEEE 754 2006\] IEEE. [_Standard for Binary Floating-Point Arithmetic_|http://grouper.ieee.org/groups/754/] (IEEE 754-1985), 2006. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b16c42e1636be176-aeea7719-461946ea-b821af14-d5b9c7980d8b5056b1b336fd"><ac:parameter ac:name="">IEEE Std 1003.1</ac:parameter></ac:structured-macro> <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="751db05a2a57faa9-96507245-4f424d84-b4fc9d19-db03a824d2bb25adaa1550e2"><ac:parameter ac:name="">IEEE Std 1003.1-2008</ac:parameter></ac:structured-macro> \[IEEE Std 1003.1-2008\] IEEE. [The Open Group Base Specifications Issue 7|http://www.opengroup.org/onlinepubs/9699919799] IEEE Std 1003.1, 2008 Edition. See also [#ISO/IEC 9945-2008] and [#Open Group 082008]. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="442034f8a80ec13f-f8017266-4e61409b-b09eba6f-22d7718c5e6f09b7adeae1da"><ac:parameter ac:name="">IEEE Std 1003.1-2004</ac:parameter></ac:structured-macro> <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="66bec1e6f756bab3-6b5c0ee6-48c6479a-bff19d46-5c567eccbf28735d604ecdad"><ac:parameter ac:name="">ilja 06</ac:parameter></ac:structured-macro> \[IEEE Std 1003.1, 2004\] IEEE. [The Open Group Base Specifications Issue 6|http://www.opengroup.org/onlinepubs/009695399/] IEEE Std 1003.1, 2004 Edition. See also [#ISO/IEC 9945-2004] and [#Open Group 04]. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d99c2014943379c6-aac3be1c-448e49ff-a7a98daa-fd26ab85b331421cc39ddaa0"><ac:parameter ac:name="">IEEE 1003</ac:parameter></ac:structured-macro> \[ilja 062006\] ilja. "[readlink abuse|http://blogs.23.nu/ilja/stories/12551/]." _ilja's blog_, August 13, 2006. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="2636b9104837b0a6-d46767b7-4f19444e-a71dac7c-74fae6529a1a76803aa6cb56"><ac:parameter ac:name="">Intel 01</ac:parameter></ac:structured-macro> \[Intel 012001\] Intel Corp. [_Floating-Point IEEE Filter for Microsoft\* Windows\* 2000 on the Intel® Itanium⢠Architecture_|ftp://download.intel.com/software/opensource/libraries/ieee/ieee_filter_windows2000.pdf], March 2001. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="3e33b981f988d46c-7192fab8-4ce548d4-9374aab4-97df2866649fd92849c03dbb"><ac:parameter ac:name="">Internet Society 00</ac:parameter></ac:structured-macro> \[Internet Society 002000\] The Internet Society. [Internet Security Glossary (RFC 2828)|ftp://ftp.rfc-editor.org/in-notes/rfc2828.txt], 2000. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="c3ebcce4a8999d86-9798ba1d-4b044c58-9db0a0b7-74212ec6735a8b72e9dff233"><ac:parameter ac:name="">ISO/IEC 646-1991</ac:parameter></ac:structured-macro> \[ISO/IEC 646:1991\] ISO/IEC. _Information technology: ISO 7-bit coded character set for information interchange_ (ISO/IEC 646-1991). Geneva, Switzerland: International Organization for Standardization, 1991. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="baa24976d516dbd7-f95ca123-44d747d3-b2e5ab36-514ccce63635b9bb780ebe23"><ac:parameter ac:name="">ISO/IEC 9945-2008</ac:parameter></ac:structured-macro> \[ISO/IEC 9945:2008\] _ISO/IEC 9945:2008 Information technology --- Programming languages, their environments and system software interfaces --- Portable Operating System Interface (POSIX ^®^)_. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="13fd1b8ce57d6e9a-9cba2e25-473d45a7-b75b8660-1f34ddbcb9d2770a46b880b6"><ac:parameter ac:name="">ISO/IEC 9945-2003</ac:parameter></ac:structured-macro> \[ISO/IEC 9945:2003\] _ISO/IEC 9945:2003 (including Technical Corrigendum 1), Information technology --- Programming languages, their environments and system software interfaces --- Portable Operating System Interface (POSIX®)_. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="914358f9ffbce337-59f7f846-499f4025-a0fdb933-8de8f16362b6df9b13b5bd37"><ac:parameter ac:name="">ISO/IEC 9899-1999</ac:parameter></ac:structured-macro> \[ISO/IEC 9899:1999\] ISO/IEC. _Programming Languages---C, 2nd ed_ (ISO/IEC 9899:1999). Geneva, Switzerland: International Organization for Standardization, 1999. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="29901561b6eabdf4-df966fcf-411a490b-aca6a41a-427bc598b2dfb31492c89af4"><ac:parameter ac:name="">ISO/IEC 10646-2003</ac:parameter></ac:structured-macro> \[ISO/IEC 10646:2003\] _Information technology - Universal Multiple-Octet Coded Character Set (UCS)_ (ISO/IEC 10646:2003). Geneva, Switzerland: International Organization for Standardization, 2003. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="877493903667b324-a696aa56-41c84474-ab80b40d-829df3982018d730f17c48a5"><ac:parameter ac:name="">ISO/IEC 14882-2003</ac:parameter></ac:structured-macro> \[ISO/IEC 14882:2003\] ISO/IEC. _Programming Languages --- C++, Second Edition_ (ISO/IEC 14882-2003). Geneva, Switzerland: International Organization for Standardization, 2003. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="2099155508dadf49-57ac645a-4a1d4e4c-84f1a315-fa3457c7456c835e33944a63"><ac:parameter ac:name="">ISO/IEC 23360-1-2006</ac:parameter></ac:structured-macro> \[ISO/IEC 23360-1:2006\] [_Linux Standard Base (LSB) core specification 3.1 - Part 1: Generic specification_|http://refspecs.freestandards.org/LSB_3.1.0/LSB-Core-generic/LSB-Core-generic.pdf] |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="c94950aa0549dae5-a76b593f-43a2410b-8f31933f-141c3897f377c0e57c236290"><ac:parameter ac:name="">ISO/IEC 03</ac:parameter></ac:structured-macro> \[ISO/IEC 032003\] ISO/IEC. [_Rationale for International Standard --- Programming Languages --- C, Revision 5.10_|http://www.open-std.org/jtc1/sc22/wg14/www/C99RationaleV5.10.pdf]. Geneva, Switzerland: International Organization for Standardization, April 2003. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="306d0a1eaf4277c2-0b32d0e8-4a464883-a5e0a488-19a2b64b74639c5804a4ea4e"><ac:parameter ac:name="">ISO/IEC JTC1/SC22/WG11</ac:parameter></ac:structured-macro> \[ISO/IEC JTC1/SC22/WG11\] ISO/IEC. [_Binding Techniques_|http://www.open-std.org/JTC1/SC22/WG11/] (ISO/IEC JTC1/SC22/WG11), 2007. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="dbde5fd3b20b3b71-003ea5ed-45224411-b9709f3e-56a098c68294d16a7ef5bb55"><ac:parameter ac:name="">ISO/IEC DTR 24732</ac:parameter></ac:structured-macro> \[ISO/IEC DTR 24732\] ISO/IEC JTC1 SC22 WG14 N1290. [Extension for the programming language C to support decimal floating-point arithmetic|http://www.open-std.org/jtc1/sc22/wg14/www/docs/n1290.pdf], March 2008. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="20413b36460a7544-10095959-48534778-880eaa6f-698f4827f11e8dace7ddac33"><ac:parameter ac:name="">ISO/IEC PDTR 24731-2-2007</ac:parameter></ac:structured-macro> \[ISO/IEC PDTR 24731-2\] [Extensions to the C Library, --- Part II: Dynamic Allocation Functions|http://www.open-std.org/jtc1/sc22/wg14/www/docs/n1248.pdf], August 2007. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="76cf1bd7489f55f6-ca6a1853-46394d20-a5139034-bb628104f8a889dfb311f00d"><ac:parameter ac:name="">ISO/IEC DTR 24772</ac:parameter></ac:structured-macro> \[ISO/IEC DTR 24772\] ISO/IEC DTR 24772. _Information Technology_ --- _Programming Languages_ --- [_Guidance to Avoiding Vulnerabilities in Programming Languages through Language Selection and Use_|http://www.aitcnet.org/isai/_Mtg_13/22-WG23-N-0238/n0238.pdf], November 2009. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="3cefb1920c7fbb22-0db03749-46264891-becf841b-b73a3e351762fc2bc9535ee3"><ac:parameter ac:name="">ISO/IEC TR 24731-1-2007</ac:parameter></ac:structured-macro> \[ISO/IEC TR 24731-1:2007\] ISO/IEC TR 24731. _Extensions to the C Library, --- Part I: Bounds-checking interfaces_. Geneva, Switzerland: International Organization for Standardization, April 2006. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="00c3628142e21539-bc7e820d-47a24e8e-82fba84e-e376b2c4b260902692e6f5a3"><ac:parameter ac:name="">Jack 07</ac:parameter></ac:structured-macro> \[Jack 072007\] Jack, Barnaby. [_Vector Rewrite Attack_|http://www.juniper.net/solutions/literature/white_papers/Vector-Rewrite-Attack.pdf], May 2007. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="0bef04d0b506e9b1-faf2042d-45384821-b37fa30f-9042645f25eb6657317d4c6d"><ac:parameter ac:name="">Jones 04</ac:parameter></ac:structured-macro> \[Jones 042004\] Jones, Nigel. ["Learn a new trick with the offsetof() macro."|http://www.netrino.com/Articles/OffsetOf/index.php] _Embedded Systems Programming_, March 2004. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="9b3ca7935f249004-8f529663-40144e18-a28e9f66-82613f69ef906d49c007bad0"><ac:parameter ac:name="">Jones 08</ac:parameter></ac:structured-macro> \[Jones 082008\] Jones, Derek M. [The New C Standard: An economic and cultural commentary|http://www.knosof.co.uk/cbook/]. Knowledge Software Ltd., 2008. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="9e74cc6d12786e21-c73831ee-4c884ec5-aec19302-7353ec1452b40eaa8deb2bfd"><ac:parameter ac:name="">Jones 09</ac:parameter></ac:structured-macro> \[Jones 092009\] Jones, Larry. [WG14 N1401 Committee Draft ISO/IEC 9899:201x|http://www.open-std.org/jtc1/sc22/wg14/www/docs/n1425.pdf]. November 24, 2009. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="9f7bfab6982148f9-7ed45ba1-46de40fd-a528bfc9-f8407d5f6a817f4b67f7f191"><ac:parameter ac:name="">Keaton 09</ac:parameter></ac:structured-macro> \[Keaton 092009\] David Keaton, Thomas Plum, Robert C. Seacord, David Svoboda, Alex Volkovitsky, Timothy Wilson. [As-if Infinitely Ranged Integer Model|http://www.sei.cmu.edu/publications/documents/09.reports/09tn023.html]. CMU/SEI-2009-TN-023. July, 2009. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="4f107fd3bbd74702-a367dbaf-419a4d90-97848f56-102a883e38aef248dfc0544d"><ac:parameter ac:name="">Keil 08</ac:parameter></ac:structured-macro> \[Keil 082008\] Keil, an ARM Company. "[Floating Point Support|http://www.keil.com/support/man/docs/armlib/armlib_bihbjiea.htm]." _RealView Libraries and Floating Point Support Guide_, 2008. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="9e4a4d9c0a123be7-de42ef10-4fda4049-a077a331-6fd7afc3068e4cb0dd153eda"><ac:parameter ac:name="">Kennaway 00</ac:parameter></ac:structured-macro> \[Kennaway 002000\] Kennaway, Kris. [Re: /tmp topic|http://lwn.net/2000/1221/a/sec-tmp.php3], December 2000. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ec7f14ac266ee412-5b35552a-488c46a3-85d9bd3b-29ac3dc31fc6141295b0441f"><ac:parameter ac:name="">Kernighan 88</ac:parameter></ac:structured-macro> \[Kernighan 88\] Kernighan , Brian W., & Ritchie, Dennis M. _The C Programming Language, 2nd ed._ Englewood Cliffs, NJ: Prentice-Hall, 1988. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="1d3f92f8f0604519-9b4ca62b-4e284617-aceca5be-288127487b2751a737c35c17"><ac:parameter ac:name="">Kernighan 147</ac:parameter></ac:structured-macro> \[Kernighan 147\] Kernighan , Brian W., & Ritchie, Dennis M. _The C Programming Language, 2nd ed._ Englewood Cliffs, NJ: Prentice-Hall, 1988. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d1024d70684bcdb0-f29a631c-42a2445b-bc69979e-0299d14a2d2bcfa6e7f0efd9"><ac:parameter ac:name="">Kettle 02</ac:parameter></ac:structured-macro> \[Kettlewell 022002\] Kettlewell, Richard. [_C Language Gotchas_|http://www.greenend.org.uk/rjk/2001/02/cfu.html], February 2002. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ddf61a27b5482f76-dc1596c1-4deb414d-b6ea8c03-a5a8cde89085e1a704e6e893"><ac:parameter ac:name="">Kettle 03</ac:parameter></ac:structured-macro> \[Kettlewell 032003\] Kettlewell, Richard. [_Inline Functions In C_|http://www.greenend.org.uk/rjk/2003/03/inline.html], March 2003. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="802f5eea35a88f19-dfd508d9-43a54957-bda1813b-a3aeeea93fd771e63678a244"><ac:parameter ac:name="">Kirch-Prinz 02</ac:parameter></ac:structured-macro> \[Kirch-Prinz 022002\] Kirch-Prinz, Ulla & Prinz, Peter. _C Pocket Reference_. Sebastopol, CA: O'Reilly, November 2002 (ISBN: 0-596-00436-2). |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="8c9f54b3b487a768-0113f14b-4a8e49b9-946a95ff-097986af3dde3cf61595a6ff"><ac:parameter ac:name="">Klarer 04</ac:parameter></ac:structured-macro> \[Klarer 042004\] Klarer, R., Maddock, J., Dawes, B. & Hinnant, H. "Proposal to Add Static Assertions to the Core Language (Revision 3)." ISO C+\+ committee paper ISO/IEC JTC1/SC22/WG21/N1720, October 2004. Available at [http://www.open-std.org/jtc1/sc22/wg21/docs/papers/2004/n1720.html]. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b624fe80fa154963-b3a0efaf-4ca144c4-8aa6afd7-ce7498c109a640bb4db358cb"><ac:parameter ac:name="">Klein 02</ac:parameter></ac:structured-macro> \[Klein 022002\] Klein, Jack. [_Bullet Proof Integer Input Using strtol()_|http://home.att.net/~jackklein/c/code/strtol.html], 2002. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="65bffb0514127f61-8035f7b8-426d4b39-b4459578-d04bb75aad70ada7a37cedb1"><ac:parameter ac:name="">Koenig 89</ac:parameter></ac:structured-macro> \[Koenig 891989\] Koenig, Andrew. _C Traps and Pitfalls_. Addison-Wesley Professional, January 1, 1989. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="48636daebd43ecd1-401e6108-4a484607-8d2d9bd3-7f52284a7f9f109d5615f643"><ac:parameter ac:name="">Kuhn 06</ac:parameter></ac:structured-macro> \[Kuhn 062006\] Kuhn, Markus. [_UTF-8 and Unicode FAQ for Unix/Linux_|http://www.cl.cam.ac.uk/~mgk25/unicode.html], 2006. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6d988b92d78cc236-23a8ea7c-4e1d412f-9ceb98ff-a3176cc4aa5a7f817271b130"><ac:parameter ac:name="">Lai 06</ac:parameter></ac:structured-macro> \[Lai 062006\] Lai, Ray. "[Reading Between the Lines|http://undeadly.org/cgi?action=article&sid=20061027031811]." _OpenBSD Journal_, October 2006. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="1b3b6a3a3af0404d-044f34f2-45264c04-acb29793-b11f5de87feb962786c598c7"><ac:parameter ac:name="">Lewis 06</ac:parameter></ac:structured-macro> \[Lewis 062006\] Lewis, Richard. "[Security Considerations When Handling Sensitive Data|http://secureapps.blogspot.com/2006/10/security-considerations-when-handling.html]." Posted on the Application Security by Richard Lewis blog October 2006. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="8d278595cabe9480-650d449e-4b7641ff-82e19469-0f2907313c0bc3aa1f5d6c2e"><ac:parameter ac:name="">Linux 08</ac:parameter></ac:structured-macro> \[Linux 082008\] [Linux Programmer's Manual|http://www.kernel.org/doc/man-pages/online_pages.html], October 2008. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="0fe83b5b90f0a880-8e3a16bf-4ddd45af-a2cd9edb-0afd42afe8a508f4668d76fc"><ac:parameter ac:name="">Lions 96</ac:parameter></ac:structured-macro> \[Lions 961996\] Lions, J. L. [ARIANE 5 Flight 501 Failure Report|http://en.wikisource.org/wiki/Ariane_501_Inquiry_Board_report]. Paris, France: European Space Agency (ESA) & National Center for Space Study (CNES) Inquiry Board, July 1996. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="370a0a8dfad5e3b9-6de7d8cf-42f14336-bf39bdec-f3ea8bb3643742670495e357"><ac:parameter ac:name="">Lipson 00</ac:parameter></ac:structured-macro> \[Lipson 002000\] Lipson, Howard & Fisher, David. "Survivability: A New Technical and Business Perspective on Security," 33-39. _Proceedings of the 1999 New Security Paradigms Workshop_. Caledon Hills, Ontario, Canada, Sept. 22-24, 1999. New York: Association for Computing Machinery, 2000. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d654e4b3583ee450-4e51d51e-44df42bb-819ebe4c-7332b115bdbe386d38bc7aa0"><ac:parameter ac:name="">Lipson 06</ac:parameter></ac:structured-macro> \[Lipson 062006\] Lipson, Howard. _Evolutionary Systems Design: Recognizing Changes in Security and Survivability Risks_ (CMU/SEI-2006-TN-027). Pittsburgh, PA: Software Engineering Institute, Carnegie Mellon University, 2006. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="3ca4c48f7b1e0b7e-01ac8eac-4acc409f-9c58ae8d-d35d3bc979b7a77e7eb7958a"><ac:parameter ac:name="">Lipson 2009</ac:parameter></ac:structured-macro> \[Liu 2009\] Likai Liu. [Making NULL-pointer reference legal|http://lifecs.likai.org/2009/01/making-null-pointer-reference-legal.html], Life of a Computer Science Student, January, 2009. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d6e2c6202e9e9495-7bbe3fb1-4e97481f-9453b98c-8238f1eeece5901bf92daaa0"><ac:parameter ac:name="">Lockheed Martin 05</ac:parameter></ac:structured-macro> \[Lockheed Martin 052005\] Lockheed Martin. "[Joint Strike Fighter Air Vehicle C+\+ Coding Standards for the System Development and Demonstration Program.|http://www.research.att.com/~bs/JSF-AV-rules.pdf]" Document Number 2RDU00001 Rev C., December 2005. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="920bd843d72d6a87-4ed18c01-468646bf-a6b88ca0-cb6b261f02db43011b68b96a"><ac:parameter ac:name="">Loosemore 07</ac:parameter></ac:structured-macro> \[Loosemore 072007\] Loosemore, Sandra, Stallman, Richard M., McGrath, Roland, Oram, Andrew, & Drepper, Ulrich. [The GNU C Library Reference Manual|http://www.gnu.org/software/libc/manual/], Edition 0.11, September 2007. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="827fbd989d8a4323-7a0425d9-4d69487f-8092b690-e551bfbdcaf940f001ebeb67"><ac:parameter ac:name="">McCluskey 01</ac:parameter></ac:structured-macro> \[McCluskey 012001\] [_flexible array members and designators in C9X_|http://www.usenix.org/publications/login/2001-07/pdfs/mccluskey.pdf] ;login:, July 2001, Volume 26, Number 4, p. 29---32. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="886398c8109bd526-037e98ab-4f4c47fb-8acf9c4b-26b244f8722f1c8489736d88"><ac:parameter ac:name="">Mell 07</ac:parameter></ac:structured-macro> \[Mell 072007\] P. Mell, K. Scarfone, and S. Romanosky, "A Complete Guide to the Common Vulnerability Scoring System Version 2.0", FIRST, June 2007. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ade84771cf12386c-2f16438c-421b4fb0-be44a698-e0c580d9804fd450b0be67ca"><ac:parameter ac:name="">mercy 06</ac:parameter></ac:structured-macro> \[mercy\] mercy. [_Exploiting Uninitialized Data_|http://www.felinemenace.org/papers/UBehavior.zip], January 2006. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="2d5013b9b445869f-18890f2c-41d04ede-8d8085a9-3aa1eeebca6b03bb6654ff2e"><ac:parameter ac:name="">Meyers 2004</ac:parameter></ac:structured-macro> \[Meyers 2004\] Randy Meyers. [Limited size_t|http://www.open-std.org/jtc1/sc22/wg14/www/docs/n1080.pdf] WG14 N1080. September, 2004. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="74c566651da5b7b1-cde7851c-40624d48-9bb8acb2-3fcf08254119de3926969b24"><ac:parameter ac:name="">Microsoft 03</ac:parameter></ac:structured-macro> \[Microsoft 032003\] Microsoft Security Bulletin MS03-026, "[Buffer Overrun In RPC Interface Could Allow Code Execution (823980)|http://www.microsoft.com/technet/security/bulletin/MS03-026.mspx]," September 2003. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b7b032b5db13e70c-15ffcb1e-45374505-bfb28573-a03e2d0d3d48d321cd6ce81a"><ac:parameter ac:name="">Microsoft 07</ac:parameter></ac:structured-macro> \[Microsoft 072007\] [C Language Reference|http://msdn2.microsoft.com/en-us/library/fw5abdx6(VS.80).aspx], 2007. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="5e76d505b7d28fad-33a7d2a9-46174223-9a9a83e7-2bfbd1bbb748abd4145f2df5"><ac:parameter ac:name="">Miller 99</ac:parameter></ac:structured-macro> \[Miller 991999\] Todd C. Miller and Theo de Raadt. strlcpy and strlcat - Consistent, Safe, String Copy and Concatenation. In Proceedings of the FREENIX Track, 1999 USENIX Annual Technical Conference. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="a1e6de0488807a4a-d1a62893-44af4986-b66cb75f-a9e0a4f184252e21a9855fde"><ac:parameter ac:name="">Miller 04</ac:parameter></ac:structured-macro> \[Miller 042004\] Miller, Mark C., Reus, James F., Matzke, Robb P., Koziol, Quincey A., & Cheng, Albert P. "[Smart Libraries: Best SQE Practices for Libraries with an Emphasis on Scientific Computing|https://wci.llnl.gov/codes/smartlibs/UCRL-JRNL-208636.pdf]." _Proceedings of the Nuclear Explosives Code Developer's Conference_, December 2004. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="4ffe27b1d0422fa1-ddc89610-47724034-af41a5d0-8745b123a82c285368413364"><ac:parameter ac:name="">MISRA 04</ac:parameter></ac:structured-macro> \[MISRA 042004\] MISRA Limited. "[MISRA C|http://www.misra.org.uk/]: 2004 Guidelines for the Use of the C Language in Critical Systems." Warwickshire, UK: MIRA Limited, October 2004 (ISBN 095241564X). |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="099f051944a5a2bf-f9a4ac65-4612446b-a5d3b879-b10a47552c73b0084d87d09c"><ac:parameter ac:name="">MISRA 08</ac:parameter></ac:structured-macro> \[MISRA 082008\] MIRA Limited. "[MISRA C+\+|http://www.misra.org.uk/]: 2008 "Guidelines for the Use of the C+\+ Language in Critical Systems", ISBN 978-906400-03-3 (paperback), ISBN 978-906400-04-0 (PDF), June 2008. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e53ceacb0bbfc8a6-9b29b8a6-46e340ee-911db496-f90965af01b18b9646c2bae4"><ac:parameter ac:name="">MIT 04</ac:parameter></ac:structured-macro> \[MIT 042004\] MIT. "[MIT krb5 Security Advisory 2004-002|hhttp://web.mit.edu/kerberos/advisories/MITKRB5-SA-2004-002-dblfree.txt], 2004. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="8e197c63d643de0a-14010a66-466949c9-9170a4f2-8867dc484c5ef7a512cc06c1"><ac:parameter ac:name="">MIT 05</ac:parameter></ac:structured-macro> \[MIT 052005\] MIT. "[MIT krb5 Security Advisory 2005-003|http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2005-003-recvauth.txt], 2005. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="2937d2322e633b6c-22ce1071-411847b6-a9469cdd-28a81fee59c80728f7814ffc"><ac:parameter ac:name="">MITRE</ac:parameter></ac:structured-macro> \[MITRE\] MITRE. [Common Weakness Enumeration, Version 1.8|http://cwe.mitre.org/], February 2010. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="96e54e7cd2fc2baa-5caa288a-41134fce-a5b0b161-1e9528bb398dfea9ced610cd"><ac:parameter ac:name="">MITRE 07</ac:parameter></ac:structured-macro> \[MITRE 072007\] MITRE. [Common Weakness Enumeration, Draft 9|http://cwe.mitre.org/], April 2008.\\ |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="5123f1d574185798-76c6c14d-4d5f467e-8ee79127-7884ea37edd29fb49b83579b"><ac:parameter ac:name="">MKS</ac:parameter></ac:structured-macro> \[MKS\] MKS Inc. [MKS Reference Pages|http://www.mkssoftware.com/docs/api_index.asp/] |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="52ac540a85a034e1-249b3653-4ba94736-a1aa8d1f-73b4e55793f4783aff2a0cd8"><ac:parameter ac:name="">MSDN</ac:parameter></ac:structured-macro> \[MSDN\] [Microsoft Developer Network|http://msdn.microsoft.com/en-us/default.aspx]. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="91f6374e5584b2c1-81a2ef11-47264227-b2d18db8-f41fa0390e1e9ad8a3cf5ad4"><ac:parameter ac:name="">Murenin 07</ac:parameter></ac:structured-macro> \[Murenin 072007\] Murenin, Constantine A. "[cnst: 10-year-old pointer-arithmetic bug in make(1) is now gone, thanks to malloc.conf and some debugging|http://cnst.livejournal.com/24040.html]," June 2007. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="5df28ec85116945a-e1c97fae-4fa3452d-95b196d2-6fd40c8dad307680f93abd4d"><ac:parameter ac:name="">NAI 98</ac:parameter></ac:structured-macro> \[NAI 981998\] Network Associates Inc. [Bugtraq: Network Associates Inc. Advisory (OpenBSD)|http://seclists.org/bugtraq/1998/Aug/0071.html], 1998. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d2cef02941e76f86-9476fafa-464c4fd3-b270b617-f6eeb87897d8f4bb82f0e2a6"><ac:parameter ac:name="">NASA-GB-1740.13</ac:parameter></ac:structured-macro> \[NASA-GB-1740.13\] NASA Glenn Research Center, Office of Safety Assurance Technologies. [_NASA Software Safety Guidebook_|http://pbma.nasa.gov/docs/public/pbma/general/guidbook.doc] (NASA-GB-1740.13). |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d332b6d59a26dc49-f1cbfe40-4c224067-a232b094-112e84fded1a9c46f1919398"><ac:parameter ac:name="">NIST 06</ac:parameter></ac:structured-macro> \[NIST 062006\] NIST. [_SAMATE Reference Dataset_|http://samate.nist.gov/SRD/], 2006. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="696f9ac94ca01036-b3386696-45904905-93d2a140-6969ba0c04df9aa9140e957c"><ac:parameter ac:name="">OpenBSD</ac:parameter></ac:structured-macro> \[OpenBSD\] Berkley Software Design, Inc. [Manual Pages|http://www.openbsd.org/cgi-bin/man.cgi], June 2008. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="79428c4e2a41166d-9fb6b5f6-4a5b4aa1-995d983e-6cfeeacfe628f149b222148c"><ac:parameter ac:name="">POSIX.1-2008</ac:parameter></ac:structured-macro> <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="1ec18bc8fc0e306c-ac635c92-4cd94be6-8479bdf7-bc6f13b496f7cade173d4875"><ac:parameter ac:name="">IEEE Std 1003.1-2008</ac:parameter></ac:structured-macro> <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="79abcfcdc6089a08-47081572-46674c04-93fbb2ac-4d3e19720ab46a2964d73b0b"><ac:parameter ac:name="">ISO/IEC 9945:2008</ac:parameter></ac:structured-macro> <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="4039c68c2a82bcdd-08fbd432-491b45b6-99f5992d-cebda92d58a802a6796a0fa6"><ac:parameter ac:name="">Open Group 08</ac:parameter></ac:structured-macro>\[Open Group 08\] The Open Group. "[_The Open Group Base Specifications Issue 7, IEEE Std 1003.1, 2008 Edition_|http://www.opengroup.org/onlinepubs/9699919799/toc.htm]." (2008). See also [#IEEE Std 1003.1-2008]. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="031807fcc69874d5-80a1ad29-47ab4a07-a9499ab9-d90134516303cfe0b2b28cd4"><ac:parameter ac:name="">Open Group 97a</ac:parameter></ac:structured-macro> \[Open Group 97a1997a\] The Open Group. [_The Single UNIX® Specification, Version 2_|http://www.opengroup.org/onlinepubs/7990989775/toc.htm], 1997. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="4ae8ddbeef07f140-424b8cfc-48a647af-93919477-5b4f87e0fefaf9319632325c"><ac:parameter ac:name="">Open Group 97b</ac:parameter></ac:structured-macro> \[Open Group 97b1997b\] The Open Group. [_Go Solo 2---The Authorized Guide to Version 2 of the Single UNIX Specification_|http://www.unix.org/whitepapers/64bit.html], May 1997. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6aba4ae3e3b394fc-c4b33a7c-4fa64adb-bd72a54e-111684401ca9d4771d3a2f71"><ac:parameter ac:name="">POSIX.1-2004</ac:parameter></ac:structured-macro> <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="917ec2c2a3923f49-d7bfd78d-448041d4-856498bc-b25b82a4349d4c2ae2b4b550"><ac:parameter ac:name="">IEEE Std 1003.1-2004</ac:parameter></ac:structured-macro> <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="8b9d81b26ce55f1f-3f4ef977-489f4165-bdc68bb9-afb227db6f94491328cf75f7"><ac:parameter ac:name="">ISO/IEC 9945:2003</ac:parameter></ac:structured-macro> <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e35c33f7cb0bb456-1c24c111-41514427-93569227-6867fbb3f8b6279e95752b59"><ac:parameter ac:name="">Open Group 04</ac:parameter></ac:structured-macro>\[Open Group 042004\] The Open Group. "[_The Open Group Base Specifications Issue 6, IEEE Std 1003.1, 2004 Edition_|http://www.opengroup.org/onlinepubs/009695399/toc.htm]." (2004). See also [#IEEE Std 1003.1-2004]. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d5cd99af2aeed529-258b34ba-42e84b04-8fe08073-e2174e71bd35ca6e543ff0a0"><ac:parameter ac:name="">OWASP Double Free</ac:parameter></ac:structured-macro> \[OWASP Double Free\] Open Web Application Security Project, "[Double Free|http://www.owasp.org/index.php/Double_Free]." |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="8a7a9af0cd32043e-6942e1a3-4efe4ebb-84cd9ce8-59b8cf9484a2b272bf8b1be6"><ac:parameter ac:name="">OWASP Freed Memory</ac:parameter></ac:structured-macro> \[OWASP Freed Memory\] Open Web Application Security Project, "[Using freed memory|http://www.owasp.org/index.php/Using_freed_memory]." |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e5016f2090e54567-9ec806b6-428b4e6b-abe781a9-4293ef00f15b14815b518835"><ac:parameter ac:name="">Pethia 03</ac:parameter></ac:structured-macro> \[Pethia 032003\] Pethia, Richard D. "[Viruses and Worms: What Can We Do About Them?|http://www.cert.org/congressional_testimony/Pethia-Testimony-9-10-2003/]" September 10, 2003. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6447c6fa9ea0dd84-ec1265f9-4a4d406f-a37191ea-26df43a863d0ffd1f7a7ccee"><ac:parameter ac:name="">Pfaff 04</ac:parameter></ac:structured-macro> \[Pfaff 042004\] Pfaff, Ken Thompson. "[Casting (time_t)(-1)|http://groups.google.com/group/comp.lang.c/browse_thread/thread/8983d8d729244f2b/ea0e2972775a1114?#ea0e2972775a1114]." _Google Groups comps.lang.c_, March 2, 2004. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="24cdd408ec440a2f-18d09d23-4a394775-9900bd48-4b977acf9e469284eeef9499"><ac:parameter ac:name="">Pike 93</ac:parameter></ac:structured-macro> \[Pike 931993\] Pike, Rob & Thompson, Ken. "Hello World." _Proceedings of the USENIX Winter 1993 Technical Conference_, San Diego, CA, January 25-\--29, 1993, pp. 43-\--50. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6890a225c0a61127-2fca8444-4fe84632-a4f6b4eb-92c2ef651a0aabf80a4e8c62"><ac:parameter ac:name="">Plakosh 05</ac:parameter></ac:structured-macro> \[Plakosh 052005\] Plakosh, Dan. [_Consistent Memory Management Conventions_|https://buildsecurityin.us-cert.gov/daisy/bsi/articles/knowledge/coding/476.html], 2005. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="7ec85f7b3c6133a5-f44921c7-4c5844fb-9469b378-62a1dfef4bea23db8a59d37d"><ac:parameter ac:name="">Plum 85</ac:parameter></ac:structured-macro> \[Plum 851985\] Plum, Thomas. _Reliable Data Structures in C_. Kamuela, HI: Plum Hall, Inc., 1985 (ISBN 0-911537-04-X). |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="aaee63bff7e0f035-c6a13b98-4dcd43ba-aafeb6a5-47ed4de4e18457a9272b0138"><ac:parameter ac:name="">Plum 89</ac:parameter></ac:structured-macro> \[Plum 891989\] Plum, Thomas, & Saks, Dan. _C Programming Guidelines, 2nd ed_. Kamuela, HI: Plum Hall, 1989 (ISBN 0911537074). |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="c7ac87e99a4e65f0-20dad888-40f44c10-a12b91c1-4ee5db4754bebe216f24a995"><ac:parameter ac:name="">Plum 91</ac:parameter></ac:structured-macro> \[Plum 911991\] Plum, Thomas. _C+\+ Programming_. Kamuela, HI: Plum Hall, 1991 (ISBN 0911537104). |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="2e5777fcfb50e59f-1971f461-464b4898-99158f5b-3bfd52efa41e14e5ce81dd24"><ac:parameter ac:name="">Plum 08</ac:parameter></ac:structured-macro> \[Plum 082008\] Plum, Thomas. Static Assertions. June, 2008. [http://www.open-std.org/jtc1/sc22/wg14/www/docs/n1330.pdf] |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="84d9989802055b10-abb57fd4-4a054cf5-82c596e8-5c0281f1247c3a8b62edaa0a"><ac:parameter ac:name="">Redwine 06</ac:parameter></ac:structured-macro> \[Redwine 062006\] Redwine, Samuel T., Jr., ed. _Secure Software Assurance: A Guide to the Common Body of Knowledge to Produce, Acquire, and Sustain Secure Software Version 1.1_. U.S. Department of Homeland Security, September 2006. See [Software Assurance Common Body of Knowledge|https://buildsecurityin.us-cert.gov/daisy/bsi/resources/dhs/95.html] on Build Security In. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e33f82e0a3fb1bad-edb04415-4b0c4376-9fc4811e-4e240e91a55a7f0c4b3b3989"><ac:parameter ac:name="">RUS-CERT</ac:parameter></ac:structured-macro> \[RUS-CERT\] RUS-CERT Advisory 2002-08:02, "[Flaw in calloc and similar routines|http://cert.uni-stuttgart.de/advisories/calloc.php]," 2002. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="67ed971e6a0f968e-1c73cf67-43374c6c-ba0b828f-cd06515946916022b31039d1"><ac:parameter ac:name="">Saltzer 74</ac:parameter></ac:structured-macro> \[Saltzer 741974\] Saltzer, J. H. Protection and the Control of Information Sharing in Multics. _Communications of the ACM 17_, 7 (July 1974): 388---402. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="7425c04292724b6a-3d2e7782-498c4863-8a7dad7c-eaed87481d79ef8235af60a8"><ac:parameter ac:name="">Saltzer 75</ac:parameter></ac:structured-macro> \[Saltzer 751975\] Saltzer, J. H., & Schroeder, M. D. "The Protection of Information in Computer Systems." _Proceedings of the IEEE 63_, 9 (September 1975): 1278-1308. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ea0c42cad04caf0b-c0b3242c-44354de5-ada59f76-c43d7c7a957f1d8e5c76e4a8"><ac:parameter ac:name="">Saks 99</ac:parameter></ac:structured-macro> \[Saks 991999\] Saks, Dan. "[const T vs.T const|http://www.dansaks.com/articles/1999-02%20const%20T%20vs%20T%20const.pdf]." _Embedded Systems Programming_, February 1999, pp. 13-16. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b1ed311d7cbda6cf-ab5808f3-440e4a3a-b5e5ad5e-66c3798b9f4e8a482acf8e45"><ac:parameter ac:name="">Saks 00</ac:parameter></ac:structured-macro> \[Saks 002000\] Saks, Dan. "[Numeric Literals|http://www.embedded.com/2000/0009/0009pp.htm]." _Embedded Systems Programming_, September 2000. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="889dfaff6d8948a3-889c8059-477b486c-8661b035-cb7f7b0e0622852d147fc902"><ac:parameter ac:name="">Saks 01a</ac:parameter></ac:structured-macro> \[Saks 01a2001a\] Saks, Dan. "[Symbolic Constants|http://www.embedded.com/story/OEG20011016S0116]." _Embedded Systems Design_, November 2001. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="5d901da84d4c63d8-865ecfa7-49f94252-98d98c71-0eb40c67a59372a1bd5cacd5"><ac:parameter ac:name="">Saks 01b</ac:parameter></ac:structured-macro> \[Saks 01b2001b\] Saks, Dan. "[Enumeration Constants vs. Constant Objects|http://www.embedded.com/columns/programmingpointers/9900402]." _Embedded Systems Design_, November 2001. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f1b1074dfc48bd28-4c80edc6-4e50441a-92dfb068-7cc13dd061d18d49635fd295"><ac:parameter ac:name="">Saks 02</ac:parameter></ac:structured-macro> \[Saks 022002\] Saks, Dan. "[Symbolic Constant Expressions|http://www.embedded.com/story/OEG20020124S0117]." _Embedded Systems Design_, February 2002. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="88a3b7bc3746becf-ab727616-47e0422f-9b5d86eb-d3c2bf453b6ff7d841ae1263"><ac:parameter ac:name="">Saks 05</ac:parameter></ac:structured-macro> \[Saks 052005\] Saks, Dan. "[Catching Errors Early with Compile-Time Assertions|http://www.embedded.com/columns/programmingpointers/164900888?_requestid=287187]." _Embedded Systems Design_, June 2005. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="585f7f44a17b6457-52301f39-475b4e11-89bf9a74-e4300f989e50ee7959d05221"><ac:parameter ac:name="">Saks 07a</ac:parameter></ac:structured-macro> \[Saks 07a2007a\] Saks, Dan. "[Sequence Points|http://www.embedded.com/columns/programmingpointers/9900661?_requestid=481957]" _Embedded Systems Design_, July 1, 2002. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="fd6e1d55e62ecd4a-b1835fb9-448341b0-88cabc09-31f26a96f948147e0baaadd9"><ac:parameter ac:name="">Saks 07b</ac:parameter></ac:structured-macro> \[Saks 07b2007b\] Saks, Dan. [Bail, return, jump, or . . . throw?|http://www.embedded.com/columns/programmingpointers/197008821]. _Embedded Systems Design_, March 2007. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="59d412713155eee2-789edbca-4c8843c2-abda9e6d-cafea927e6cd8a5426807b32"><ac:parameter ac:name="">Saks 08</ac:parameter></ac:structured-macro> \[Saks 082008\] Saks, Dan, & Dewhurst, Stephen C. "Sooner Rather Than Later: Static Programming Techniques for C++" (presentation, March 2008). |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e5dc919bd855ec2b-f510c3e7-4ee84b14-afd493ea-ee1e13c54257538823f5d929"><ac:parameter ac:name="">Schwarz 05</ac:parameter></ac:structured-macro> \[Schwarz 052005\] Schwarz, B., Wagner, Hao Chen, Morrison, D., West, G., Lin, J., & Tu, J. Wei. "Model checking an entire Linux distribution for security violations." _Proceedings of the 21st Annual Computer Security Applications Conference_, December 2005 (ISSN 1063-9527; ISBN 0-7695-2461-3). |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="bd96786c70d6eeca-2aec9986-4d2b4066-8c6d8179-ba808e4e784722b6d2bd00bd"><ac:parameter ac:name="">Seacord 03</ac:parameter></ac:structured-macro> \[Seacord 032003\] Seacord, Robert C., Plakosh, Daniel, & Lewis, Grace A. [_Modernizing Legacy Systems: Software Technologies, Engineering Processes, and Business Practices_|http://www.informit.com/store/product.aspx?isbn=0321118847]. Addison-Wesley, February 2003. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="25356c35c58a75ea-8d205225-40054171-9ba2ae9f-08b9c1a7f4a967a3df828618"><ac:parameter ac:name="">Seacord 05</ac:parameter></ac:structured-macro><ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="c7baa2cdce0f9ca3-84b8ebcf-41974b7d-8943a671-33688a057812b36c145a70bd"><ac:parameter ac:name="">Seacord 05a</ac:parameter></ac:structured-macro> \[Seacord 05a2005a\] Seacord, Robert C. _Secure Coding in C and C+\+_. Boston, MA: Addison-Wesley, 2005. See [http://www.cert.org/books/secure-coding] for news and errata. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="3e15434caee7090a-2263dcfa-4b1b4483-a7c191f4-86cd585d1bad8e60e074d45d"><ac:parameter ac:name="">Seacord 05b</ac:parameter></ac:structured-macro> \[Seacord 05b2005b\] Seacord, Robert C. "Managed String Library for C, C/C++." _Users Journal_ _23_, 10 (October 2005): 30---34. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="1d58d59b5dc4c051-9743fd2d-4dde48cb-a9b1a89c-4c238682bd29068fadf220be"><ac:parameter ac:name="">Seacord 05c</ac:parameter></ac:structured-macro> \[Seacord 05c2005c\] Seacord, Robert C. [_Variadic Functions: How they contribute to security vulnerabilities and how to fix them_|http://www.cert.org/books/secure-coding/LWM%203-11%20%28Seacord%29.pdf]. _Linux World Magazine_, November 2005. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="4a2a0b8be1113375-e5f0ac24-4ef74d35-97ac8f1e-efa8995bab4e7ce3d4b1d583"><ac:parameter ac:name="">Secunia</ac:parameter></ac:structured-macro> \[Secunia\] Secunia Advisory SA10635, "[HP-UX calloc Buffer Size Miscalculation Vulnerability|http://secunia.com/advisories/10635/]," 2004. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="59e2f99468acab76-d363d0bd-4bf14820-87a69b67-9ef15ec0a8e122263d0ac543"><ac:parameter ac:name="">SecurityFocus 07</ac:parameter></ac:structured-macro> \[SecurityFocus 072007\] SecurityFocus. "[Linux Kernel Floating Point Exception Handler Local Denial of Service Vulnerability|http://www.securityfocus.com/bid/10538/discuss]," 2001. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d0468608932b8f36-0fc7576d-4bab4c3c-8947967e-cffbced14af70aa1a3828af6"><ac:parameter ac:name="">SecuriTeam 07</ac:parameter></ac:structured-macro> \[SecuriTeam 072007\] SecuriTeam. "[Microsoft Visual C+\+ 8.0 Standard Library Time Functions Invalid Assertion DoS (Problem 3000)|http://www.securiteam.com/windowsntfocus/5MP0D0UKKO.html]," February 13, 2007. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="16e4dd8a4c5ae2db-f11ce9e0-4a85485f-98fc9b26-ba7702002ec2b264bfca4a7e"><ac:parameter ac:name="">Sloss 04</ac:parameter></ac:structured-macro> \[Sloss 042004\] Sloss, Andrew, Symes, Dominic, & Wright, Chris. [_ARM System Developer's Guide_|http://www.arm.com/documentation/books/4975.html]. San Francisco:Elsevier/Morgan Kauffman, 2004 (ISBN-10: 1558608745; ISBN-13: 978-1558608740). |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="910f9fc6165918ee-7f483d2e-4174413a-bcd2bcdf-923d04c068fbc488d4f3d513"><ac:parameter ac:name="">Spinellis 06</ac:parameter></ac:structured-macro> \[Spinellis 062006\] Spinellis, Diomidis. [_Code Quality: The Open Source Perspective_|http://www.spinellis.gr/codequality]. Addison-Wesley, 2006. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="0703752c3bd3833c-f3f95f6c-4cfc4d5b-97488250-35850dbd4b88568710871145"><ac:parameter ac:name="">StackOvflw 09</ac:parameter></ac:structured-macro> \[StackOvflw 092009\] ["Should I return TRUE / FALSE values from a C function?"|http://stackoverflow.com/questions/559061/should-i-return-true-false-values-from-a-c-function] StackOverflow.com User Questions. March 15, 2010. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="a6e906a3de0b7264-d74e41ec-45564ab1-88178953-f901d69ca8853f6d903adac1"><ac:parameter ac:name="">Steele 77</ac:parameter></ac:structured-macro> \[Steele 771977\] Steele, G. L. "[Arithmetic shifting considered harmful|http://doi.acm.org/10.1145/956641.956647]." _SIGPLAN Not._ 12, 11 (November 1977), 61-69. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="fae18d28c416d57d-d56e4e13-4cb44d49-95769a40-15d120b10f57c458edb0e9a5"><ac:parameter ac:name="">Summit 95</ac:parameter></ac:structured-macro> \[Summit 951995\] Summit, Steve. _C Programming FAQs: Frequently Asked Questions_. Boston, MA: Addison-Wesley, 1995 (ISBN 0201845199). |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="46c3d6b2c5b90fd8-35f3fdb1-458a4f53-b3588782-b4e9d210bbd8ac3273a2b8b5"><ac:parameter ac:name="">Summit 05</ac:parameter></ac:structured-macro> \[Summit 052005\] Summit, Steve. [_comp.lang.c Frequently Asked Questions_|http://www.faqs.org/faqs/comp.lang.c/C-FAQ-list/?], 2005. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="892fb90516d4a6f7-571bfa4c-4f494217-bdad89ec-f57f20108eae5155dd8639f4"><ac:parameter ac:name="">Sun</ac:parameter></ac:structured-macro> \[Sun\] [Sun Security Bulletin #00122|http://sunsolve.sun.com/search/document.do?assetkey=1-22-00122-1], 1993. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="148c92cb46aa06b7-03a87ab1-47154ffc-8dfbb691-ed75aeab369f134879944a37"><ac:parameter ac:name="">Sun 05</ac:parameter></ac:structured-macro> \[Sun 052005\] [C User's Guide|http://docs.sun.com/source/819-3688/]. 819-3688-10. Sun Microsystems, Inc., 2005. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6d32e63af2657ee6-d748e4bb-44394a1f-88fa8606-e611fdca08be24aca0d6dfe3"><ac:parameter ac:name="">Sutter 04</ac:parameter></ac:structured-macro> \[Sutter 042004\] Sutter, Herb & Alexandrescu, Andrei. C+\+ Coding Standards: 101 Rules, Guidelines, and Best Practices. Boston, MA:Addison-Wesley Professional, 2004 (ISBN 0321113586). |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="38f3ef01ee3f8ca2-56ddde8b-4fa4458f-b038bb09-c5d34d59ac16fd4afc5d1a0f"><ac:parameter ac:name="">Tsafrir 08</ac:parameter></ac:structured-macro> \[Tsafrir 082008\] Tsafrir, Dan, Da Silva, Dilma, & Wagner, David. [The Murky Issue of Changing Process Identity: Revising "Setuid Demystified"|http://www.eecs.berkeley.edu/~daw/papers/setuid-login08b.pdf] USENIX, June 2008, pages 55-66 |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="69da0fcbf1421a15-21637bbc-42a94ad0-a30eb8ee-767d2c3e43f6f51460951a53"><ac:parameter ac:name="">Unicode 06</ac:parameter></ac:structured-macro> \[Unicode 062006\] The Unicode Consortium. [The Unicode Standard|http://www.unicode.org/standard/standard.html], Version 5.0. Addison-Wesley Professional; 5th edition (November 3, 2006) ISBN: 0321480910. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="0c7d4645350a6fef-d337520f-439d437f-867c80e9-9e94dcde908213ff5412a308"><ac:parameter ac:name="">van de Voort 07</ac:parameter></ac:structured-macro> \[van de Voort 072007\] van de Voort, Marco. [Development Tutorial (a.k.a Build FAQ)|http://www.stack.nl/~marcov/buildfaq.pdf], January 29, 2007. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="4f624755ca4d15c1-735491c0-45d14328-a66ea435-83ee9200515c9085c50c3184"><ac:parameter ac:name="">van Sprundel06</ac:parameter></ac:structured-macro> \[van Sprundel 062006\] van Sprundel, Ilja. [Unusualbugs|http://www.ruxcon.org.au/files/2006/unusual_bugs.pdf], 2006. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="7cd9fb8c0002c31e-90318025-46ce4954-b5d6a28c-95f0b2b0b6185af37dbedf75"><ac:parameter ac:name="">Viega 01</ac:parameter></ac:structured-macro> \[Viega 012001\] Viega, John. [Protecting Sensitive Data in Memory|http://www.cgisecurity.com/lib/protecting-sensitive-data.html], February 2001. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="cf7f1786a6353544-5c39a4de-4a6e4395-be9394d0-a860104afe150cf3dad92700"><ac:parameter ac:name="">Viega 03</ac:parameter></ac:structured-macro> \[Viega 032003\] Viega, John, & Messier, Matt. _Secure Programming Cookbook for C and C++: Recipes for Cryptography, Authentication, Networking, Input Validation & More_. Sebastopol, CA: O'Reilly, 2003 (ISBN 0-596-00394-3). |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="8d6045bb5e029f5a-7585d4f2-482a43f4-8c1e8b82-f372d9d93d9cdc05eb95dcad"><ac:parameter ac:name="">Viega 05</ac:parameter></ac:structured-macro> \[Viega 052005\] Viega, John. [CLASP Reference Guide Volume 1.1.|http://www.securesoftware.com/process/] Secure Software, 2005. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="c098a37f9d7c497d-b2fbe2d2-480a428f-bb198a74-004c3f89b243b6df40db3dc2"><ac:parameter ac:name="">VU#159523</ac:parameter></ac:structured-macro> \[VU#159523\] Giobbi, Ryan. Vulnerability Note [VU#159523|http://www.kb.cert.org/vuls/id/159523], _Adobe Flash Player integer overflow vulnerability_, April 2008. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="a8351fd94904d59a-d0f338c5-489d42c9-b2d9bcad-f5b63e7c551080f9ebf7f13e"><ac:parameter ac:name="">VU#162289</ac:parameter></ac:structured-macro> \[VU#162289\] Dougherty, Chad. Vulnerability Note [VU#162289|http://www.kb.cert.org/vuls/id/162289], _gcc silently discards some wraparound checks_, April 2008. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="059cc38d1dc74587-c3233e9d-4296461a-bef19fcf-67b2a5917fc86eefc06c1ef2"><ac:parameter ac:name="">VU196240</ac:parameter></ac:structured-macro> \[VU#196240\] Taschner, Chris & Manion, Art. Vulnerability Note [VU#196240|http://www.kb.cert.org/vulnotes/id/196240], _Sourcefire Snort DCE/RPC preprocessor does not properly reassemble fragmented packets_, 2007. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="babaab4351ef1e6f-a52b00da-411b49ab-b438acc4-aa99a5ae87d31270ee3b3671"><ac:parameter ac:name="">VU286468</ac:parameter></ac:structured-macro> \[VU#286468\] Burch, Hal. Vulnerability Note [VU#286468|http://www.kb.cert.org/vulnotes/id/286468], _Ettercap contains a format string error in the "curses_msg()" function_, 2007. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="5fd5b6afed9647e7-558ac4eb-43fc4af8-ade28e41-f5cc237ed51c8de96723135f"><ac:parameter ac:name="">VU439395</ac:parameter></ac:structured-macro> \[VU#439395\] Lipson, Howard. Vulnerability Note [VU#439395|http://www.kb.cert.org/vuls/id/439395], _Apache web server performs case sensitive filtering on Mac OS X HFS\+ case insensitive filesystem,_ 2001. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="68f830bfd6286aea-7fcb112f-41874a1b-bcad8263-bdf3f0cb8c4071d6ae1ea982"><ac:parameter ac:name="">VU551436</ac:parameter></ac:structured-macro> \[VU#551436\] Giobbi, Ryan. Vulnerability Note [VU#551436|http://www.kb.cert.org/vulnotes/id/551436], _Mozilla Firefox SVG viewer vulnerable to buffer overflow,_ 2007. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="41adcdf500992229-1d4b2255-48db4532-8881b5f5-edc0a4a3b4b597c69badf96a"><ac:parameter ac:name="">VU568148</ac:parameter></ac:structured-macro> \[VU#568148\] Finlay, Ian A. & Morda, Damon G. Vulnerability Note [VU#568148|http://www.kb.cert.org/vulnotes/id/568148], _Microsoft Windows RPC vulnerable to buffer overflow_, 2003. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b581f85eb41ae425-880764aa-48594c1b-945da18c-e096795cbf9dafee0d20bf5f"><ac:parameter ac:name="">VU623332</ac:parameter></ac:structured-macro> \[VU#623332\] Mead, Robert. Vulnerability Note [VU#623332|http://www.kb.cert.org/vuls/id/623332], _MIT Kerberos 5 contains double free vulnerability in "krb5_recvauth()" function,_ 2005. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="7ac83865a6aad30a-953c5e85-453943f3-95d0b642-a598da04560621eddcde90fa"><ac:parameter ac:name="">VU649732</ac:parameter></ac:structured-macro> \[VU#649732\] Gennari, Jeff. Vulnerability Note [VU#649732|http://www.kb.cert.org/vulnotes/id/649732], _Samba AFS ACL Mapping VFS Plug-In Format String Vulnerability,_ 2007. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f4628fd4b5d8b5dd-c9677426-44244186-beb2a3ae-a7023d58ead88bf40e6fe71e"><ac:parameter ac:name="">VU654390</ac:parameter></ac:structured-macro> \[VU#654390\] Rafail, Jason A. Vulnerability Note [VU#654390|https://www.kb.cert.org/vulnotes/id/654390], _ISC DHCP contains C Includes that define vsnprintf() to vsprintf() creating potential buffer overflow conditions_, June 2004. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="c9d2b9006c480d0d-93cfa47b-42ce4b69-a5c2ba6a-093aeae93141741398e26f0f"><ac:parameter ac:name="">VU743092</ac:parameter></ac:structured-macro> \[VU#743092\] Rafail, Jason A. & Havrilla, Jeffrey S. Vulnerability Note [VU#743092|https://www.kb.cert.org/vulnotes/id/743092], _realpath(3) function contains off-by-one buffer overflow,_ July 2003. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="dd363ed2cf7f0e17-9ab8adb6-493044a5-bd088ef3-4587a91303f1ef54f6e7daaa"><ac:parameter ac:name="">VU834865</ac:parameter></ac:structured-macro> \[VU#834865\] Gennari, Jeff. Vulnerability Note [VU#834865|http://www.kb.cert.org/vuls/id/834865], _Sendmail signal I/O race condition_, March 2008. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="83689617093ae6c2-c53cd42a-491d4aa6-86148d78-6d1e82f8880e7f847c94b26d"><ac:parameter ac:name="">VU837857</ac:parameter></ac:structured-macro> \[VU#837857\] Dougherty, Chad. Vulnerability Note [VU#837857|http://www.kb.cert.org/vuls/id/837857], _SX.Org server fails to properly test for effective user ID_, August 2006. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="dd1fca539913154a-c7d587b0-4b0e400c-b27d9c9d-c7463437a682df6e8dcbbfba"><ac:parameter ac:name="">VU881872</ac:parameter></ac:structured-macro> \[VU#881872\] Manion, Art & Taschner, Chris. Vulnerability Note [VU#881872|http://www.kb.cert.org/vulnotes/id/881872], _Sun Solaris telnet authentication bypass vulnerability,_ 2007. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="1e81c7f3233cc2cb-7617b405-43a74a76-b29083f4-572937f9481c5992d9de2017"><ac:parameter ac:name="">Warren 02</ac:parameter></ac:structured-macro> \[Warren 022002\] Warren, Henry S. [_Hacker's Delight_|http://www.hackersdelight.org/]. Boston, MA: Addison Wesley Professional, 2002 (ISBN 0201914654). |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="fc7f528f50695bd3-a9416e2a-4f674af4-98cbbe73-466e10e09334462730dc79c7"><ac:parameter ac:name="">WG14/N1396</ac:parameter></ac:structured-macro> \[WG14/N1396\] Thomas, J., Tydeman, F. "[Wide function return values|http://www.open-std.org/jtc1/sc22/wg14/www/docs/n1396.htm]", September 2009. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="cc84f6da690fbbd5-8964048b-46c541be-8037ae80-432b20e2be71a239cbefdfbc"><ac:parameter ac:name="">Wheeler 03</ac:parameter></ac:structured-macro> \[Wheeler 032003\] Wheeler, David. [Secure Programming for Linux and Unix HOWTO, v3.010|http://www.dwheeler.com/secure-programs/Secure-Programs-HOWTO/], March 2003. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ba35d40c7a71e7e5-43bdace8-494840d7-be75a511-52efd4ad21284265bfd9a226"><ac:parameter ac:name="">Wheeler 04</ac:parameter></ac:structured-macro> \[Wheeler 042004\] Wheeler, David. [_Secure programmer: Call components safely_|http://www-128.ibm.com/developerworks/linux/library/l-calls.html]. December 2004. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="fbb5bbd6315b39e9-86fc9f16-474d4189-a93da458-ddb809c035969bfd26ffe967"><ac:parameter ac:name="">Wojtczuk 08</ac:parameter></ac:structured-macro> \[Wojtczuk 082008\] Wojtczuk, Rafal. "[Analyzing the Linux Kernel vmsplice Exploit|http://www.avertlabs.com/research/blog/index.php/2008/02/13/analyzing-the-linux-kernel-vmsplice-exploit/]." McAfee Avert Labs Blog, February 13, 2008. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="48df578c90d2c277-690653b6-42c84190-878bb842-176cdeff0b717610d8d81372"><ac:parameter ac:name=""> xorl 2009</ac:parameter></ac:structured-macro> \[xorl 2009\] xorl. [xorl %eax, %eax|http://xorl.wordpress.com/]. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="126eee4692b45e70-1c57d0e5-494c4d2d-9680bf37-6a745f96b61b1274ed3439cc"><ac:parameter ac:name="">Yergeau 98</ac:parameter></ac:structured-macro> \[Yergeau 981998\] Yergeau, F. [RFC 2279 - UTF-8, a transformation format of ISO 10646|http://www.faqs.org/rfcs/rfc2279.html], January 1998. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ca3925304b25aff5-d7b69b72-41f4446c-abdc84fa-7fe890fd177da9289d66a27f"><ac:parameter ac:name="">Zalewski 01</ac:parameter></ac:structured-macro> \[Zalewski 012001\] Zalewski, Michal. [_Delivering Signals for Fun and Profit: Understanding, exploiting and preventing signal-handling related vulnerabilities_|http://lcamtuf.coredump.cx/signals.txt], May 2001. |
...