Page History

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="c880542315b6ceda-73a117fe-45b74ac5-8fe3b525-f93b30487ee3c01bd8f63f8d"><ac:parameter ac:name="">Apple 06</ac:parameter></ac:structured-macro>
\[Apple 06\] [_Secure Coding Guide_|http://developer.apple.com/documentation/Security/Conceptual/SecureCodingGuide/SecureCodingGuide.pdf], May, 2006.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="896d97890a3e57ab-05cc2279-4a3345ad-af1f9ba1-a6310e1e77339a69afaf251f"><ac:parameter ac:name="">Burch 06</ac:parameter></ac:structured-macro>
\[Burch 06\] Burch, H.; Long, F.; & Seacord, R. [_Specifications for Managed Strings_|http://www.sei.cmu.edu/publications/documents/06.reports/06tr006.html] (CMU/SEI-2006-TR-006). Pittsburgh, PA: Software Engineering Institute, Carnegie Mellon University, 2006.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="8eca481becdde376-68db3cf6-4c5f46be-b573b7e7-1c84f05c815c86de1adab4b5"><ac:parameter ac:name="">Callaghan 95</ac:parameter></ac:structured-macro>
\[Callaghan 95\] Callaghan, B.; Pawlowski, B.; & Staubach, P. [IETF RFC 1813 NFS Version 3 Protocol Specification|http://www.ietf.org/rfc/rfc1813.txt] (June 1995).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="17a25f732caf5fd7-df3b41fa-42c646d5-8735917b-972da0ff894d5ab5df6713b3"><ac:parameter ac:name="">CERT 06a</ac:parameter></ac:structured-macro>
\[CERT 06a\] CERT/CC. See [http://www.cert.org/stats/cert_stats.html] for current statistics.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="22bf71c48a69a85d-2e2b7ea1-4bf448ee-ad188bf0-948df14baba39c36a26e570f"><ac:parameter ac:name="">CERT 06b</ac:parameter></ac:structured-macro>
\[CERT 06b\] CERT/CC. US-CERT's [Technical Cyber Security Alerts|http://www.us-cert.gov/cas/techalerts/index.html].

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b040f3c20ea75c24-d15b757f-424f4463-98a8b7bc-43f6f8816fd260b4a8314ea4"><ac:parameter ac:name="">CERT 06c</ac:parameter></ac:structured-macro>
\[CERT 06c\] CERT/CC. [Secure Coding|http://www.cert.org/secure-coding/] web site.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="2326911e9b50464d-aa4c39c4-4c574e61-8ccdbb2f-0abd502fdc01767cd941bfbc"><ac:parameter ac:name="">Dewhurst 02</ac:parameter></ac:structured-macro>
\[Dewhurst 02\] Dewhurst, Stephen C. _C+\+ Gotchas: Avoiding Common Problems in Coding and Design_. Boston, MA: Addison-Wesley Professional, 2002.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="7fb99dda47f385a2-f7a5f124-4bd9470d-a85d924b-44d5aa757a4e348ca55ae01f"><ac:parameter ac:name="">DHS 06</ac:parameter></ac:structured-macro>
\[DHS 06\] DHS. [Build Security In|https://buildsecurityin.us-cert.gov/] web site.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d32467924f5f9143-618d9e49-48a44fff-80129800-4f3e8b24aa7fb5b5ba7f5ac0"><ac:parameter ac:name="">Dowd 06</ac:parameter></ac:structured-macro>
\[Dowd 06\] Dowd, M.; McDonald, J.; & Schuh, J. _The Art of Software Security Assessment: Identifying and Preventing Software Vulnerabilities_. Boston, MA: Addison-Wesley, 2006. See [http://taossa.com] for updates and errata.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="bf61f5888db2a515-2f9c6e8f-46694454-b4fcbfea-7db23e55159dee13439cfdc8"><ac:parameter ac:name="">Drepper 06</ac:parameter></ac:structured-macro>
\[Drepper 06\] Drepper, Ulrich. [Defensive Programming for Red Hat Enterprise Linux (and What To Do If Something Goes Wrong).|http://people.redhat.com/drepper/defprogramming.pdf] May 3, 2006.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="9719367eef6321d9-3fbdb3d8-49414850-9193b7e5-2b9fdf854fd6106fab874858"><ac:parameter ac:name="">FSF 05</ac:parameter></ac:structured-macro>
\[FSF 05\] Free Software Foundation. [GCC online documentation|http://gcc.gnu.org/onlinedocs] (2005).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="69f8cbda1212e8e6-dde7b270-4df54ccb-9fdf83c0-c5d0b009bc54204e602e138d"><ac:parameter ac:name="">Graf 03</ac:parameter></ac:structured-macro>
\[Graff 03\] Graff, Mark G. & Van Wyk, Kenneth R. _Secure Coding: Principles and Practices_. Cambridge, MA: O'Reilly, 2003 (ISBN 0596002424).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="87779491530f85b6-daaba4eb-4386426a-bacc9774-2ecc2eee8155acb272b0f554"><ac:parameter ac:name="">Griffiths 06</ac:parameter></ac:structured-macro>
\[Griffiths 06\] Griffiths, Andrew. "[Clutching at straws: When you can shift the stack pointer|http://felinemenace.org/papers/p63-0x0e_Shifting_the_Stack_Pointer.txt]."&nbsp;

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="1dc72bbb9f7f3207-c3e1c526-49394b34-afdd9754-140a11f0e6d3050efa4d76b9"><ac:parameter ac:name="">Haddad 05</ac:parameter></ac:structured-macro>
\[Haddad 05\] Haddad, Ibrahim. "Secure Coding in C and C++: An interview with Robert Seacord, senior vulnerability analyst at CERT." _Linux World Magazine_, November, 2005.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d2566aba953a6437-281944ba-49144981-8b2a9402-d367236ed798c4ed36e2b3b4"><ac:parameter ac:name="">Hatton 95</ac:parameter></ac:structured-macro>
\[Hatton 95\] Hatton, Les. _Safer C: Developing Software for High-Integrity and Safety-Critical Systems_. New York, NY: McGraw-Hill Book Company, 1995 (ISBN 0-07-707640-0).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="0bf9d77786c698ac-66458e51-42554ad0-b107a070-4d45735ddd31209eb6806a0d"><ac:parameter ac:name="">HP 03</ac:parameter></ac:structured-macro>
\[HP 03\] [Tru64 UNIX: Protecting Your System Against File Name Spoofing Attacks|http://h30097.www3.hp.com/docs/wpapers/spoof_wp/symlink_external.pdf]. Houston, TX: Hewlett-Packard Company, January 2003.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ce3a7b7c06a4af00-47cd55da-426048fc-bb25b460-e1f79c73cf5d035670c754dd"><ac:parameter ac:name="">IEEE 754 2006</ac:parameter></ac:structured-macro>
\[IEEE 754 2006\] IEEE 754-1985. [_Standard for Binary Floating-Point Arithmetic_|http://grouper.ieee.org/groups/754/] (IEEE 754-1985) (2006).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="4aff5db82d6884e4-84ae0dd9-43024804-898c99ec-acd3e45c46b7254dedd01c9c"><ac:parameter ac:name="">ilja 06</ac:parameter></ac:structured-macro>
\[ilja 06\] ilja. "[readlink abuse|http://blogs.23.nu/ilja/stories/12551/]." _ilja's blog_, August 13, 2006.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="7b2f4ea4e62d1a00-6ba22ef8-47de4f5f-9905b07d-2e7186d99ab38e0347b165cc"><ac:parameter ac:name="">ISO/IEC 9899-1999</ac:parameter></ac:structured-macro>
\[ISO/IEC 9899-1999\] ISO/IEC 9899-1999. _Programming Languages --- C, Second Edition_ (ISO/IEC 9899-1999). Geneva, Switzerland: International Organization for Standardization, 1999.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e3083dd8f8124bd6-f1788cb5-49594e24-8d82a562-28a9a2a0d36b7e90b3083a85"><ac:parameter ac:name="">ISO/IEC 03<14882-2003</ac:parameter></ac:structured-macro>
\[ISO/IEC 0314882-2003\] [Rationale for International Standard --- ISO/IEC. _Programming Languages --- C++, Revision 5.10|http://www.open-std.org/jtc1/sc22/wg14/www/C99RationaleV5.10.pdf].Second Edition_ (ISO/IEC 14882-2003). Geneva, Switzerland: International Organization for Standardization, April 2003.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d68a82a1c560b32e-060f9057-439449ec-be6baf6e-40c3e05d7d1a8cdfae1b72db"><ac:parameter ac:name="">ISO/IEC TR 24731-2006<03</ac:parameter></ac:structured-macro>
\[ISO/IEC TR 24731-200603\] ISO/IEC TR 24731. [_ExtensionsRationale tofor theInternational CStandard Library, --- PartProgramming I:Languages Bounds---checking interfaces_. Geneva, C, Revision 5.10_|http://www.open-std.org/jtc1/sc22/wg14/www/C99RationaleV5.10.pdf]. Geneva, Switzerland: International Organization for Standardization, April 20062003.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="051c43594821ad89-e8d2f0ff-41f34137-a0eda3ff-7cbab891bd878879a68f6b9c"><ac:parameter ac:name="">ISO/IEC 14882-2003<JTC1/SC22/WG11</ac:parameter></ac:structured-macro>
\[ISO/IEC 14882-2003JTC1/SC22/WG11\] ISO/IEC 14882-2003. [_Programming Languages --- C++, Second Edition_. Geneva, Switzerland: International Organization for Standardization, 2003Binding Techniques_|http://www.open-std.org/JTC1/SC22/WG11/] (ISO/IEC JTC1/SC22/WG11) (2007).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="837d7b5ffc693b3a-c17b5edb-48804d4a-b17dba77-9e8e2e5c2fbe27418f50919d"><ac:parameter ac:name="">Kennaway 00<>ISO/IEC TR 24731-2006</ac:parameter></ac:structured-macro>
\[Kennaway 00ISO/IEC TR 24731-2006\] Kennaway, Kris. [Re: /tmp topic|http://lwn.net/2000/1221/a/sec-tmp.php3] (December 2000)ISO/IEC TR 24731. _Extensions to the C Library, --- Part I: Bounds-checking interfaces_. Geneva, Switzerland: International Organization for Standardization, April 2006.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="c4bcfb2430e2037d-49384ba2-4289443a-8d8182f9-bb6ae203faa10e1d0bdc17a9"><ac:parameter ac:name="">Kerrighan>Kennaway 88<00</ac:parameter></ac:structured-macro>
\[KerrighanKennaway 8800\] KerrighanKennaway, BKris. W. & Ritchie, D. M. _The C Programming Language, 2nd ed._ Englewood Cliffs, NJ: Prentice-Hall, 1988.[Re: /tmp topic|http://lwn.net/2000/1221/a/sec-tmp.php3] (December 2000).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="deddef2f2da3ea0c-48e25c27-4cfd485e-9d899ef7-781e087dfd89c7ce54a1adb6"><ac:parameter ac:name="">Kettle>Kerrighan 02<88</ac:parameter></ac:structured-macro>
\[KettlewellKerrighan 0288\] Kettlewell, Richard. [_C Language Gotchas_|http://www.greenend.org.uk/rjk/2001/02/cfu.html] (February 2002)Kerrighan, B. W. & Ritchie, D. M. _The C Programming Language, 2nd ed._ Englewood Cliffs, NJ: Prentice-Hall, 1988.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="af30dd637658b1ed-8ab480ec-4be9477f-bb8a88e2-8caae2c2eb67bd527170017d"><ac:parameter ac:name="">Kettle 03<02</ac:parameter></ac:structured-macro>
\[Kettlewell 0302\] Kettlewell, Richard. [_InlineC FunctionsLanguage In CGotchas_|http://www.greenend.org.uk/rjk/20032001/0302/inlinecfu.html] (MarchFebruary 20032002).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b9cc2daa09730f8b-f1b141e2-4ea84b02-82fa9733-c7fa73ae493c30c118ff7996"><ac:parameter ac:name="">Klein>Kettle 02<03</ac:parameter></ac:structured-macro>
\[KleinKettlewell 0203\] KleinKettlewell, JackRichard. [_BulletInline ProofFunctions Integer Input Using strtol()In C_|http://homewww.greenend.attorg.netuk/~jackkleinrjk/c2003/code03/strtolinline.html] (2002March 2003).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="5bfdb118a847393b-b063e3fd-4a664d72-8b89b756-1fc6a30c972a66021e23bfad"><ac:parameter ac:name="">Lai>Klein 06<02</ac:parameter></ac:structured-macro>
\[LaiKlein 0602\] LaiKlein, RayJack. "[Reading Between the Lines[_Bullet Proof Integer Input Using strtol()_|http://undeadly.org/cgi?action=article&sid=20061027031811]." _OpenBSD Journal_, October 2006home.att.net/~jackklein/c/code/strtol.html] (2002).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f3d90a971849da04-b95ae9e5-4bb74471-87d38bc9-3d0ff9b2f2bece27b9782173"><ac:parameter ac:name="">Lions>Lai 96<06</ac:parameter></ac:structured-macro>
\[LionsLai 9606\] LionsLai, JRay. L. "[ARIANEReading 5Between Flight 501 Failure Reportthe Lines|http://en.wikisourceundeadly.org/wiki/Ariane_501_Inquiry_Board_report]. Paris, France: European Space Agency (ESA) & National Center for Space Study (CNES) Inquiry Board, July 1996cgi?action=article&sid=20061027031811]." _OpenBSD Journal_, October 2006.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="8af8810e539f5876-f9b6907f-415043d8-8f0ca2d6-4b73f36b1fd20ee550a8a88d"><ac:parameter ac:name="">Lockheed>Lions Martin 2005<96</ac:parameter></ac:structured-macro>
\[LockheedLions Martin 200596\] LockheedLions, MartinJ. _Joint Strike Fighter Air Vehicle C+\+ Coding Standards for the System Development and Demonstration Program_. Document Number 2RDU00001, Rev C.  December 2005L. [ARIANE 5 Flight 501 Failure Report|http://en.wikisource.org/wiki/Ariane_501_Inquiry_Board_report]. Paris, France: European Space Agency (ESA) & National Center for Space Study (CNES) Inquiry Board, July 1996.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="738197818430b03d-f0153d95-44a445a0-82c8bdb9-b74fc7626343a7d9e9b6cb04"><ac:parameter ac:name="">mercy<>Lockheed Martin 2005</ac:parameter></ac:structured-macro>
\[mercyLockheed Martin 2005\] mercyLockheed Martin. [_Exploiting Uninitialized Data_|http://www.felinemenace.org/papers/UBehavior.zip] (January 2006)._Joint Strike Fighter Air Vehicle C+\+ Coding Standards for the System Development and Demonstration Program_. Document Number 2RDU00001, Rev C.  December 2005.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ce6e1ba74698d2ce-1385f149-46574969-885ca344-9b4021bc057cbe2b29a3137a"><ac:parameter ac:name="">NASA-GB-1740.13<>MISRA 04</ac:parameter></ac:structured-macro>
\[NASA-GB-1740.13MISRA 04\] NASAMIRA Glenn Research Center, Office of Safety Assurance Technologies. [_NASA Software Safety Guidebook_|http://pbma.nasa.gov/docs/public/pbma/general/guidbook.doc] (NASA-GB-1740.13Limited. "[MISRA C|http://www.misra.org.uk/]: 2004 Guidelines for the Use of the C Language in Critical Systems." Warwickshire, UK: MIRA Limited, October 2004 (ISBN 095241564X).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="9b825161c0a06446-b674b4c1-4e62485c-b4058acb-a5b40f0c01b25528614a2375"><ac:parameter ac:name="">NIST 06<>NASA-GB-1740.13</ac:parameter></ac:structured-macro>
\[NIST 06\] NISTNASA-GB-1740.13\] NASA Glenn Research Center, Office of Safety Assurance Technologies. [_SAMATENASA Software ReferenceSafety DatasetGuidebook_|http://samatepbma.nistnasa.gov/SRD/docs/public/pbma/general/guidbook.doc] (2006NASA-GB-1740.13).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="c3849d6fc0967fd4-45bd4c57-468b4d74-af1488b1-ddf26935dd8b78ec73b20737"><ac:parameter ac:name="">NIST 06b<06</ac:parameter></ac:structured-macro>
\[NIST 06b06\] NIST. [DRAFT_SAMATE Source Code Analysis Tool Functional Specification. | Reference Dataset_|http://samate.nist.gov/docs/SAMATE_source_code_analysis_tool_spec_09_15_06.pdf] NIST Information Technology Laboratory (ITL), Software Diagnostics and Conformance Testing Division, September 2006SRD/] (2006).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="8a55624a6e96d9a2-88f277e6-4efc4823-8a15bf62-4f85fa0248ab09641b418c8f"><ac:parameter ac:name="">Open>NIST Group 97<06b</ac:parameter></ac:structured-macro>
\[OpenNIST Group 9706b\] NIST. The[DRAFT OpenSource Group. [_The Single UNIX® Specification, Version 2_|Code Analysis Tool Functional Specification. | http://wwwsamate.opengroupnist.orggov/onlinepubs/7990989775/toc.htm] (1997).docs/SAMATE_source_code_analysis_tool_spec_09_15_06.pdf] NIST Information Technology Laboratory (ITL), Software Diagnostics and Conformance Testing Division, September 2006.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="375321c929096062-4908b871-41b4449c-8d6ea885-795ca218bced4b305951af6f"><ac:parameter ac:name="">Open Group 04<97b</ac:parameter></ac:structured-macro>
\[Open Group 0497b\] The Open Group. and the IEEE. [_The Open Group Base Specifications Issue 6, IEEE Std 1003.1, 2004 Edition[_Go Solo 2 - The Authorized Guide to Version 2 of the Single UNIX Specification_|http://www.opengroupunix.org/onlinepubswhitepapers/009695399/toc64bit.htmhtml] (2004May 1997).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="51a36abf4948cb8f-5c4f3abe-49734574-88e2a539-69d067311d247b17e70fc283"><ac:parameter ac:name="">Plum>Open Group 89<04</ac:parameter></ac:structured-macro>
\[PlumOpen Group 8904\] Plum, Thomas, & Saks, Dan. _C Programming Guidelines, 2nd ed_. Kamuela, HI: Plum Hall, Inc., 1989 (ISBN 0911537074The Open Group and the IEEE. [_The Open Group Base Specifications Issue 6, IEEE Std 1003.1, 2004 Edition_|http://www.opengroup.org/onlinepubs/009695399/toc.htm] (2004).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d8e0c75210f8be12-d43eaf3d-49e64f12-be048d6a-9fe82257350ab0d0a32386cc"><ac:parameter ac:name="">Plum 91<89</ac:parameter></ac:structured-macro>
\[Plum 9189\] Plum, Thomas, & Saks, Dan. _C+\+ Programming_. KamuelaGuidelines, HI2nd ed_. Kamuela, HI: Plum Hall, Inc., 19911989 (ISBN 09115371040911537074).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="905a22981f4ae678-5ff82d79-4b3443b5-94e8b8d5-156141b4f677c2eef8264e40"><ac:parameter ac:name="">Redwine>Plum 06<91</ac:parameter></ac:structured-macro>
\[RedwinePlum 0691\] RedwinePlum, Samuel TThomas., Jr., ed. _Secure Software Assurance: A Guide to the Common Body of Knowledge to Produce, Acquire, and Sustain Secure Software Version 1.1_. US Department of Homeland Security, September 2006. See [Software Assurance Common Body of Knowledge|https://buildsecurityin.us-cert.gov/daisy/bsi/resources/dhs/95.html] on Build Security In. _C+\+ Programming_. Kamuela, HI: Plum Hall, Inc., 1991 (ISBN 0911537104).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="580e608b41bd61d9-7a75d332-49ed441a-bf0ea609-c80c8439d91543b48049f353"><ac:parameter ac:name="">Saks>Redwine 99<06</ac:parameter></ac:structured-macro>
\[SaksRedwine 9906\] SaksRedwine, Dan. "[constSamuel T., vsJr.T const|http://www.dansaks.com/articles/1999-02%20const%20T%20vs%20T%20const.pdf]." _Embedded Systems Programming_, February 1999, pp. 13-16., ed. _Secure Software Assurance: A Guide to the Common Body of Knowledge to Produce, Acquire, and Sustain Secure Software Version 1.1_. US Department of Homeland Security, September 2006. See [Software Assurance Common Body of Knowledge|https://buildsecurityin.us-cert.gov/daisy/bsi/resources/dhs/95.html] on Build Security In.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="42d7b6ef5b71c4f6-10634c2e-465a472f-b673b2c6-4705121b721b3c45b43d69e0"><ac:parameter ac:name="">Seacord>Summit 05b<95</ac:parameter></ac:structured-macro>
\[SeacordSummit 05b95\] SeacordSummit, RSteve. "Managed_C StringProgramming LibraryFAQs: for C, C/C++." _Users Journal_ _23_, 10 (October 2005): 30-34Frequently Asked Questions_. Boston, MA: Addison-Wesley, 1995 (ISBN 0201845199).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="bca13274dbbcd278-4f823485-40734fa7-a846bfb1-ed1f69fba3f0d594ac1b31a6"><ac:parameter ac:name="">Summit 95<05</ac:parameter></ac:structured-macro>
\[Summit 9505\] Summit, Steve. _C Programming FAQs:[_comp.lang.c Frequently Asked Questions_. Boston, MA: Addison-Wesley, 1995 (ISBN 0201845199|http://c-faq.com/] (2005).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6e698c0b8c982e1d-f1754ea4-44644388-91c7b33e-9e3b2304ccc9e32cfb968165"><ac:parameter ac:name="">Summit 05<>van de Voort 07</ac:parameter></ac:structured-macro>
\[Summit 05van de Voort 07\] van de SummitVoort, SteveMarco. [_comp.lang.c Frequently Asked Questions_Development Tutorial (a.k.a Build FAQ)|http://c-faq.com/www.stack.nl/~marcov/buildfaq.pdf] (2005January 29, 2007).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="69ee94891f364a22-cbcee9b5-4eb7448c-831fa964-88fdc8be1e13c4e128d8db6a"><ac:parameter ac:name="">van de Voort 07<>Viega 03</ac:parameter></ac:structured-macro>
\[van de Voort 07Viega 03\] Viega, vanJohn de& VoortMessier, Marco. [Development Tutorial (a.k.a Build FAQ)|http://www.stack.nl/~marcov/buildfaq.pdf] (January 29, 2007Matt. _Secure Programming Cookbook for C and C++: Recipes for Cryptography, Authentication, Networking, Input Validation & More_. Sebastopol, CA: O'Reilly, 2003 (ISBN 0-596-00394-3).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d158213737177080-c6b9e379-4b8e4d4f-8f1ba204-0350b2602933b238bd94a429"><ac:parameter ac:name="">Viega 03<05</ac:parameter></ac:structured-macro>
\[Viega 0305\] Viega, John & Messier, Matt. _Secure[CLASP ProgrammingReference CookbookGuide for C and C++: Recipes for Cryptography, Authentication, Networking, Input Validation & More_. Sebastopol, CA: O'Reilly, 2003 (ISBN 0-596-00394-3)Volume 1.1.|http://www.securesoftware.com/process/] Secure Software, 2005.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e4467071cc8c29f1-77d9c470-4db34d4c-90b58be7-e1bf72ae2f4bb31dcb42618a"><ac:parameter ac:name="">Viega 05<>VU196240</ac:parameter></ac:structured-macro>
\[Viega 05VU#196240\] ViegaBurch, JohnHal. [CLASPVulnerability Reference Guide Volume 1.1.Note [VU#196240|http://www.kb.securesoftware.com/process/] Secure Software, 2005cert.org/vulnotes/id/196240], _Sourcefire Snort DCE/RPC preprocessor does not properly reassemble fragmented packets_ (2007).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="10d351bfd995a189-e0d42e86-4b184501-b9f9b7e6-16a00458e1ccf148b3405199"><ac:parameter ac:name="">VU286468</ac:parameter></ac:structured-macro>
\[VU#286468\] Burch, Hal. Vulnerability Note [VU#286468|http://www.kb.cert.org/vulnotes/id/286468], _Ettercap contains a format string error in the "curses_msg()" function_ (2007).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ba02e6a037707934-5e346d0e-4a0c4c3e-bd1c8d2a-2911d1e103ff6712f576713b"><ac:parameter ac:name="">VU#551436</ac:parameter></ac:structured-macro>
\[VU#551436\] Giobbi, Ryan. Vulnerability Note [VU#551436|http://www.kb.cert.org/vulnotes/id/551436], _Mozilla Firefox SVG viewer vulnerable to buffer overflow_ (2007).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d13062d98496c683-42b0a60f-4d044fa4-a94ab8fd-005e1ccee5419c98e7e8d341"><ac:parameter ac:name="">VU649732</ac:parameter></ac:structured-macro>
\[VU#649732\] Gennari, Jeff. Vulnerability Note [VU#649732|http://www.kb.cert.org/vulnotes/id/649732], _Samba AFS ACL mapping VFS plug-in format string vulnerability_ (2007).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="7aaa992981656235-747dce69-460e4752-bc3081ff-a36537ebc0446589490a24c7"><ac:parameter ac:name="">VU881872</ac:parameter></ac:structured-macro>
\[VU#881872\] Manion, Art & Taschner, Chris. Vulnerability Note [VU#881872|http://www.kb.cert.org/vulnotes/id/881872], _Sun Solaris telnet authentication bypass vulnerability_ (2007).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="60b8b4f30130417c-712d1f6a-42694d7b-83049003-113c961e855bae5c356ba517"><ac:parameter ac:name="">Warren 02</ac:parameter></ac:structured-macro>
\[Warren 02\] Warren, Henry S. [_Hacker's Delight_|http://www.hackersdelight.org/]. Boston, MA: Addison Wesley Professional, 2002 (ISBN 0201914654).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="44fbfb446eca3250-57660389-49c94e15-b8238ae4-53b4fc17578d9e5fdc18f0b1"><ac:parameter ac:name="">Wheeler 03</ac:parameter></ac:structured-macro>
\[Wheeler 03\] Wheeler, David. [Secure Programming for Linux and Unix HOWTO, v3.010 |http://www.dwheeler.com/secure-programs/Secure-Programs-HOWTO/] (March 2003).