SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 79

changes.mady.by.user cjohns

Saved on

compared with

New Version 80

changes.mady.by.user David Svoboda

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Linked reference to Linux vmsplice kernel exploit

...

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

A Linux kernel vmsplice exploit, described at http://www.avertlabs.com/research/blog/index.php/2008/02/13/analyzing-the-linux-kernel-vmsplice-exploit/
documents a vulerability and exploit arising directly out of integer
overflow.

References

Wiki Markup
\[[Dowd 06|AA. C References#Dowd 06]\] Chapter 6, "C Language Issues" (Arithmetic Boundary Conditions, pp. 211-223)
\[[ISO/IEC 9899-1999|AA. C References#ISO/IEC 9899-1999]\] Section 6.5, "Expressions," and Section 7.10, "Sizes of integer types <limits.h>"
\[[Seacord 05|AA. C References#Seacord 05]\] Chapter 5, "Integers"
\[[Viega 05|AA. C References#Viega 05]\] Section 5.2.7, "Integer overflow"
\[[VU#551436|AA. C References#VU551436]\]
\[[Warren 02|AA. C References#Warren 02]\] Chapter 2, "Basics"

...