SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 293

changes.mady.by.user Yozo TODA

Saved on

compared with

New Version 294

changes.mady.by.user Brady Tello

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="00e17243af47e74c-035bb490-4e4a4490-9e33961f-a7691f04fa904397ab6c4f94"><ac:parameter ac:name="">Apple 06</ac:parameter></ac:structured-macro>
\[Apple 2006\] Apple, Inc. [_Secure Coding Guide_|http://developer.apple.com/documentation/Security/Conceptual/SecureCodingGuide/SecureCodingGuide.pdf], May 2006.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="3ff30da9460d31d5-16a99736-460e4f7e-972cb5d0-fc52d96eab36f65d2cf7e9fa"><ac:parameter ac:name="">Austin Group 08</ac:parameter></ac:structured-macro>
\[Austin Group 2008\] "Draft Standard for Information Technology - Portable Operating System Interface (POSIX®) - Draft Technical Standard: Base Specifications, Issue 7," IEEE Unapproved Draft Std P1003.1 D5.1. Prepared by the [Austin Group|http://www.opengroup.org/austin/]. New York: Institute of Electrical & Electronics Engineers, Inc., May 2008.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6b24a58c8e9b7e12-502dca2e-484e4742-b77ab889-e3d1c5d2dc6e24d279fa06b9"><ac:parameter ac:name="">Banahan 03</ac:parameter></ac:structured-macro>
\[Banahan 2003\] Banahan, Mike. [_The C Book_|http://www.phy.duke.edu/~rgb/General/c_book/c_book/index.html], 2003.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d76ce7a75f01e13d-58871b3f-476644c5-9055ba55-74f1ba23235a1ba54b4b9e0b"><ac:parameter ac:name="">Barney 10</ac:parameter></ac:structured-macro>
\[Barney 2010\] Barney, Blaise. "[Mutex Variables|https://computing.llnl.gov/tutorials/pthreads/#Mutexes]," POSIX Threads Programming, 2010.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="5f7b32bc30948cfb-d358397d-4fb946cc-b6cdb44e-d2f74f25fc7ff0a2d642ded9"><ac:parameter ac:name="">Beebe 05</ac:parameter></ac:structured-macro>
\[Beebe 2005\] Beebe, Nelson H. F. [Re: Remainder (%) operator and GCC|http://gcc.gnu.org/ml/gcc-help/2005-11/msg00141.html], 2005.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="3c588c8dde850f15-8a3e3283-4eb247d4-80afa6ef-2f34304f82b455faf59a3f94"><ac:parameter ac:name="">Becker 08</ac:parameter></ac:structured-macro>
\[Becker 2008\] Becker, Pete. [Working Draft, Standard for Programming Language C+\+|http://www.open-std.org/jtc1/sc22/wg21/docs/papers/2008/n2521.pdf], April 2008.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="bfe977fd691b153f-a4a2df63-45c14945-807391ca-59191f11c9b8ad891238cfc0"><ac:parameter ac:name="">Black 07</ac:parameter></ac:structured-macro>
\[Black 2007\] Paul E. Black, Michael Kass, Michael Koo. Source Code Security Analysis Tool Functional Specification Version 1.0. Special Publication 500-268. Information Technology Laboratory (ITL), Software Diagnostics and Conformance Testing Division, May 2007. [http://samate.nist.gov/docs/source_code_security_analysis_spec_SP500-268.pdf]

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="c10676421f1eaa8f-6e1b2be5-43a24670-aab7b0fb-ef6ba9063507b3ddd694b5ed"><ac:parameter ac:name="">Brainbell.com</ac:parameter></ac:structured-macro>
\[Brainbell.com\] Brainbell.com. [_Advice and Warnings for C Tutorials_|http://www.brainbell.com/tutors/c/Advice_and_Warnings_for_C/].

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="cb1d3c024ebe4c39-446807e8-416e421e-ab62925f-a0086aaaef02425a6e89edb3"><ac:parameter ac:name="">Bryant 03</ac:parameter></ac:structured-macro>
\[Bryant 2003\] Bryant, Randal E., & O'Halloran, David. _Computer Systems: A Programmer's Perspective_. Prentice Hall, 2003 (ISBN 0-13-034074-X).

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="2027f4088778851b-0d4339fc-4afa4b62-8b49a3c9-eac0cc1fa8f804f00dacf6d3"><ac:parameter ac:name="">Burch 06</ac:parameter></ac:structured-macro>
\[Burch 2006\] Burch, Hal, Long, Fred, & Seacord, Robert C. [_Specifications for Managed Strings_|http://www.sei.cmu.edu/publications/documents/06.reports/06tr006.html] (CMU/SEI-2006-TR-006). Pittsburgh, PA: Software Engineering Institute, Carnegie Mellon University, 2006.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e75a622eae6f2c4a-99439d12-40434dc7-bc3c898a-cae7dd830b84acf5e5521af1"><ac:parameter ac:name="">Butenhof 97</ac:parameter></ac:structured-macro>
\[Butenhof 1997\] Butenhof, David R. [Programming with POSIX® Threads |http://www.informit.com/store/product.aspx?isbn=0201633922]. Addison-Wesley Professional, 1997. (ISBN 0-201-63392-2).

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e80f7f3c4060b354-2e610178-4b764ca4-9eb39594-a95c5ec660faeb503f236f70"><ac:parameter ac:name="">Callaghan 95</ac:parameter></ac:structured-macro>
\[Callaghan 1995\] Callaghan, B., Pawlowski, B., & Staubach, P. [IETF RFC 1813 NFS Version 3 Protocol Specification|http://www.ietf.org/rfc/rfc1813.txt], June 1995.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="cf01046428f0c61e-2f948130-4d534558-ac4583df-018234f2404465e681db8a2a"><ac:parameter ac:name="">CERT 06a</ac:parameter></ac:structured-macro>
\[CERT 2006a\] CERT/CC. [CERT/CC Statistics 1988---2006|http://www.cert.org/stats/cert_stats.html].

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="791e998bee589334-a4520fdb-4b774445-83e9a6b9-fa28ea02ad03614277bfe4c0"><ac:parameter ac:name="">CERT 06b</ac:parameter></ac:structured-macro>
\[CERT 2006b\] CERT/CC. US-CERT's [Technical Cyber Security Alerts|http://www.us-cert.gov/cas/techalerts/index.html].

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="3811bbd0ededd5fb-5150b9c1-45194490-abb0ace1-b790ec1399e017500bb66bfc"><ac:parameter ac:name="">CERT 06c</ac:parameter></ac:structured-macro>
\[CERT 2006c\] CERT/CC. [Secure Coding|http://www.cert.org/secure-coding/] web site.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="9d566ae8818470ee-b0dc467e-418e4bdc-9445948e-ca1cbd16477d6d266111ac1b"><ac:parameter ac:name="">Chen 02</ac:parameter></ac:structured-macro>
\[Chen 2002\]&nbsp; Chen, H., Wagner, D., & Dean, D. [Setuid Demystified|http://www.cs.berkeley.edu/~daw/papers/setuid-usenix02.pdf] USENIX Security Symposium, 2002.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="85e7480fa91f133f-b9a265d6-4a2447f1-b7f2a084-89a991c9daebfe5240db6ebd"><ac:parameter ac:name="">Corfield 93</ac:parameter></ac:structured-macro>
\[Corfield 1993\] Corfield, Sean A. "[Making String Literals 'const'|http://www.open-std.org/jtc1/sc22/wg21/docs/papers/1993/N0389.asc]," November 1993.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="a9e8591966eaffb8-8e76e3d5-44c44b50-bf4dba5f-825a6411a324ae59d063a67e"><ac:parameter ac:name="">Coverity 07</ac:parameter></ac:structured-macro>
\[Coverity 2007\] Coverity Prevent User's Manual (3.3.0), 2007.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="fce46b047ccb1af9-984cb950-4c404ab3-a82ca015-33f88adb3895952ae0331831"><ac:parameter ac:name="">CVE</ac:parameter></ac:structured-macro>
\[CVE\] [Common Vulnerabilities and Exposures|http://cve.mitre.org/].

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="8fdd153d008d74a7-8796c7a8-4cd74274-8974a8ef-1a84d60bdcc5f16c7f064c0d"><ac:parameter ac:name="">CPPReference</ac:parameter></ac:structured-macro>
\[C+\+ Reference\] [Standard C Library, General C\++, C++ Standard Template Library|http://www.cppreference.com/]

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="3ce4157990fe42c3-dde1363e-4fb64056-8b2b95b6-40621a8bce3afc06a85f4180"><ac:parameter ac:name="">Dewhurst 02</ac:parameter></ac:structured-macro>
\[Dewhurst 2002\] Dewhurst, Stephen C. _C+\+ Gotchas: Avoiding Common Problems in Coding and Design_. Boston: Addison-Wesley Professional, 2002.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6b5f44c9679fd3c7-365cd1bb-4ced4468-aa12b4f7-331dfceabde6f6d3c92268ed"><ac:parameter ac:name="">Dewhurst 05</ac:parameter></ac:structured-macro>
\[Dewhurst 2005\] Dewhurst, Stephen C. _C+\+ Common Knowledge: Essential Intermediate Programming_. Boston, MA: Addison-Wesley Professional, 2005.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e70aa8922a80cbc9-65d1c7d3-470f45d4-87cf950a-04e2defc6d4bfddddb1954db"><ac:parameter ac:name="">DHS 06</ac:parameter></ac:structured-macro>
\[DHS 2006\] U.S. Department of Homeland Security. [Build Security In|https://buildsecurityin.us-cert.gov/].

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b56e6f5b9bae5771-336f50e8-4f1b4088-9c7fa491-b1e1ed1565ec26f80aa72f33"><ac:parameter ac:name="">DISA 2008</ac:parameter></ac:structured-macro>
\[DISA 2008\] DISA. [Application Security and Development Security Technical Implementation Guide, Version 2, Release 1|http://iase.disa.mil/stigs/stig/application_security_and_development_stig_v2r1_final_20080724.pdf]. July, 2008.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="1607cd53caaa642a-8abde135-4e0f4256-a518ae04-bd567aba58953ba3562e8855"><ac:parameter ac:name=""> DOD 5220</ac:parameter></ac:structured-macro>
\[DOD 5220\] U.S. Department of Defense. [DoD Standard 5220.22-M|http://security.ouhsc.edu/docs/policies/approved/DoD_5220.doc] (Word document).

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ec87952922110ab5-d57e0250-4fb941e7-8e6e84fb-3b198c6d57b423f2b2723552"><ac:parameter ac:name="">Dowd 06</ac:parameter></ac:structured-macro>
\[Dowd 2006\] Dowd, M., McDonald, J., & Schuh, J. _The Art of Software Security Assessment: Identifying and Preventing Software Vulnerabilities_. Boston: Addison-Wesley, 2006. See [http://taossa.com] for updates and errata.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d64a02288aa18a93-81c12a0e-47d347d9-8d5d9e9d-8fead6efb92b8e7c856a17cc"><ac:parameter ac:name="">Drepper 06</ac:parameter></ac:structured-macro>
\[Drepper 2006\] Drepper, Ulrich. [Defensive Programming for Red Hat Enterprise Linux (and What To Do If Something Goes Wrong)|http://people.redhat.com/drepper/defprogramming.pdf], May 3, 2006.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="cbbd3ba7b9c7fc67-63681d98-45de4bde-8cf68e1b-c7e752a3ad6c5b50c528896b"><ac:parameter ac:name="">Dutta 03</ac:parameter></ac:structured-macro>
\[Dutta 2003\] Dutta, Shiv. [Best practices for programming in C|http://www.ibm.com/developerworks/aix/library/au-hook_duttaC.html], June 26, 2003.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ae9fd2f53f296f15-917254c3-45fa41ce-b3b8a67c-53d0ff101e052d35ed5d97a7"><ac:parameter ac:name="">Eckel 07</ac:parameter></ac:structured-macro>
\[Eckel 2007\] Eckel, Bruce. [_Thinking in C+\+ Volume 2_|http://bruce-eckel.developpez.com/livres/cpp/ticpp/v2/], January 25, 2007.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e724c42a41eceaba-ed0ee4f0-40a748a4-95dab3ec-48d4cfa2da0b5b16a049df14"><ac:parameter ac:name="">ECTC 98</ac:parameter></ac:structured-macro>
\[ECTC 1998\] Embedded C+\+ Technical Committee. [_The Embedded C+\+ Programming Guide Lines_|http://www.caravan.net/ec2plus/guide.html], Version WP-GU-003. January 6, 1998.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="3444bd376765c13e-2335a1fd-448a4b20-a5ef86f1-87d06c6a36c02590286a4acc"><ac:parameter ac:name="">Eide and Regehr</ac:parameter></ac:structured-macro>
\[Eide and Regehr\] "[Volatiles are miscompiled, and what to do about it|http://portal.acm.org/citation.cfm?id=1450058.1450093]" Eide E., Regehr J. 2008.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d5f199800ffb7fb6-2c0c5fb7-444b4530-9cfa951c-32855d4b0139d4971b7f4c48"><ac:parameter ac:name="">Finlay 03</ac:parameter></ac:structured-macro>
\[Finlay 2003\] Finlay, Ian A. CERT Advisory CA-2003-16, [Buffer Overflow in Microsoft RPC|http://www.cert.org/advisories/CA-2003-16.html]. CERT/CC, July 2003.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="4c9625a50c0933ee-edb0dc02-46454d3c-91d0be9e-965e523705cadac7f57d3c62"><ac:parameter ac:name="">Fisher 99</ac:parameter></ac:structured-macro>
\[Fisher 1999\] Fisher, David & Lipson, Howard. "Emergent Algorithms - A New Method for Enhancing Survivability in Unbounded Systems." _Proceedings of the 32nd Annual Hawaii International Conference on System Sciences (HICSS-32)_. Maui, HI, January 5-8, 1999.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6edda577318e2f4b-0af59ed5-4d9947b5-9a63b16f-68ff820db119eb15b900847b"><ac:parameter ac:name="">Flake 06</ac:parameter></ac:structured-macro>
\[Flake 2006\] Flake, Halvar. "[Attacks on uninitialized local variables|http://www.blackhat.com/presentations/bh-europe-06/bh-eu-06-Flake.pdf]." Black Hat Federal 2006.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="13fc7a18b72709a8-995f6666-47bb4fc8-8475b2bf-4eaa65a4e18812363475767a"><ac:parameter ac:name="">Fortify 06</ac:parameter></ac:structured-macro>
\[Fortify 2006\] Fortify Software Inc. [Fortify Taxonomy: Software Security Errors|http://www.fortifysoftware.com/vulncat/], 2006.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="0fe932bac8ff0aec-c56540ce-420b415e-91888cb6-4aeecc4493e429a9fae6aa2f"><ac:parameter ac:name="">FSF 05</ac:parameter></ac:structured-macro>
\[FSF 2005\] Free Software Foundation. [GCC online documentation|http://gcc.gnu.org/onlinedocs], 2005.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="af1c3927fc903f78-60e9a6d1-4f6a44bd-af6d9406-eecd9f44752a0eeeb6d6001e"><ac:parameter ac:name="">Garfinkel 96</ac:parameter></ac:structured-macro>
\[Garfinkel 1996\] Garfinkel, Simson & Spafford, Gene. _Practical UNIX & Internet Security_, 2nd Edition. Sebastopol, CA: O'Reilly Media, April 1996 (ISBN 1-56592-148-8).

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e10939d00ab8fc15-a135c6f0-4da24a14-90859aea-afb93fb1d358105165939e85"><ac:parameter ac:name="">GNU 10</ac:parameter></ac:structured-macro>
\[GNU 2010\] GNU. [Coding Standards|http://www.gnu.org/prep/standards/standards.html], GNU, 2010.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="5dd4ed7bda4f6899-e708b8f6-434441b2-8ee49ee5-bc4089e39b7f3603fb4a48b0"><ac:parameter ac:name="">GNU Pth</ac:parameter></ac:structured-macro>
\[GNU Pth\] Engelschall, Ralf S. [GNU Portable Threads|http://www.gnu.org/software/pth/], 2006.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="30e33e044b7c9f32-3abdfcdf-4b5943cb-81aaa339-4cb96fcb957338bd90dd4aaa"><ac:parameter ac:name="">Goldberg 91</ac:parameter></ac:structured-macro>
\[Goldberg 1991\] Goldberg, David. [What Every Computer Scientist Should Know About Floating-Point Arithmetic|http://docs.sun.com/source/806-3568/ncg_goldberg.html]. Sun Microsystems, March 1991.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="5fb2f215ef506060-724d8b48-482f4f1d-afe08c1a-98e0a711c30fb452c6295a1b"><ac:parameter ac:name="">Goodin 2009</ac:parameter></ac:structured-macro>
\[Goodin 2009\] Dan Goodin. [Clever attack exploits fully-patched Linux kernel|http://www.theregister.co.uk/2009/07/17/linux_kernel_exploit/] The Register. July 2009.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="5925f7dfdbe3cbbe-ca56c78a-4d98470e-a32b9874-e514055dc6dfc47713715acc"><ac:parameter ac:name="">Gough 2005</ac:parameter></ac:structured-macro>
\[Gough 2005\] Gough, Brian J. [An Introduction to GCC|http://www.network-theory.co.uk/docs/gccintro/index.html]. Network Theory Ltd, Revised August 2005 (ISBN 0-9541617-9-3).

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="c33c346385150312-1ef87480-47c04236-a0f797bb-5c21c0cc2db2cdb6cfd5c7a4"><ac:parameter ac:name="">Graf 03</ac:parameter></ac:structured-macro>
\[Graff 2003\] Graff, Mark G. & Van Wyk, Kenneth R. _Secure Coding: Principles and Practices_. Cambridge, MA: O'Reilly, 2003 (ISBN 0596002424).

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="58caa395185576d9-19ce1cf3-4043483e-a78b9945-43663635005cb378bc2eeba6"><ac:parameter ac:name="">Greenman 97</ac:parameter></ac:structured-macro>
\[Greenman 1997\] Greenman, David. [_serious security bug in wu-ftpd v2.4_|http://seclists.org/bugtraq/1997/Jan/0011.html]. BUGTRAQ Mailing List (bugtraq@securityfocus.com), January 2, 1997.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="c4cd60d08a750b56-f9e468a5-4a654bd7-9e418c4a-5f636319f2cc1a793b2c7d47"><ac:parameter ac:name="">Griffiths 06</ac:parameter></ac:structured-macro>
\[Griffiths 2006\] Griffiths, Andrew. "[Clutching at straws: When you can shift the stack pointer|http://felinemenace.org/papers/p63-0x0e_Shifting_the_Stack_Pointer.txt]."

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="72353103678451a8-ee5e1dce-4aad45ed-a617bfea-cb34125326f295c6c9c8f531"><ac:parameter ac:name="">Gutmann 96</ac:parameter></ac:structured-macro>
\[Gutmann 1996\] Gutmann, Peter. [Secure Deletion of Data from Magnetic and Solid-State Memory|http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html], July 1996.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="5d2dda27bf2a2d73-e7cbe3ad-4bd24d23-900493e2-b26b763e79b314ff367a1027"><ac:parameter ac:name="">Haddad 05</ac:parameter></ac:structured-macro>
\[Haddad 2005\] Haddad, Ibrahim. "Secure Coding in C and C++: An interview with Robert Seacord, senior vulnerability analyst at CERT." _Linux World Magazine_, November 2005.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="41540a7671392b92-36a64e87-448f475a-8deba5ab-13e2726ed012bb4a3da7ebe1"><ac:parameter ac:name="">Hatton 95</ac:parameter></ac:structured-macro>
\[Hatton 1995\] Hatton, Les. _Safer C: Developing Software for High-Integrity and Safety-Critical Systems_. New York: McGraw-Hill Book Company, 1995 (ISBN 0-07-707640-0).

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="70e666f5101a27aa-9a0f550b-42bf44ff-827a977f-f981ead9c84047a7dafa3ccc"><ac:parameter ac:name="">Hatton 03</ac:parameter></ac:structured-macro>
\[Hatton 2003\] Hatton, Les. [EC-: A measurement based safer subset of ISO C suitable for embedded system development|http://www.leshatton.org/Documents/ISOC_subset.pdf]. November 5, 2003.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f372a7691d78ee2d-ec5531f5-45004a3c-8ac8bbb7-d5698cd9f94e112f01f8c30f"><ac:parameter ac:name="">Henricson 92</ac:parameter></ac:structured-macro>
\[Henricson 1992\] Henricson, Mats, & Nyquist, Erik. [Programming in C++, Rules and Recommendations|http://www.doc.ic.ac.uk/lab/cplus/c++.rules/]. Ellemtel Telecommunication Systems Laboratories, 1992.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="c899b49dbf083114-e8a08de7-4aa44598-801aac25-a7e7b4ae109ebd6c22a55ee6"><ac:parameter ac:name="">Horton 90</ac:parameter></ac:structured-macro>
\[Horton 1990\] Horton, Mark R. _Portable C Software_. Upper Saddle River, NJ: Prentice-Hall, Inc., 1990 (ISBN:0-13-868050-7).

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f66dc8909e040225-64f72658-4c43474a-b83da143-f5dff2b27b0538b838ef0ace"><ac:parameter ac:name="">Howard 02</ac:parameter></ac:structured-macro>
\[Howard 2002\] Howard, Michael, & LeBlanc, David C. _[_Writing Secure Code, 2nd ed. Redmond, WA:_|http://www.microsoft.com/mspress/books/5957.aspx]_. Microsoft Press, December 2002.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="fa35822175deaf4c-93716384-4ec2463d-b1e89b3e-33b7b27c94dc32ab8bf5c392"><ac:parameter ac:name="">HP 03</ac:parameter></ac:structured-macro>
\[HP 2003\] [Tru64 UNIX: Protecting Your System Against File Name Spoofing Attacks|http://h30097.www3.hp.com/docs/wpapers/spoof_wp/symlink_external.pdf]. Houston, TX: Hewlett-Packard Company, January 2003.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="cec1cf0614b38484-be9423d1-43b54b29-97b58247-606fd3879d932e0dde2626a5"><ac:parameter ac:name="">IEC 60812 2006</ac:parameter></ac:structured-macro>
\[IEC 60812 2006\] _Analysis techniques for system reliability - Procedure for failure mode and effects analysis (FMEA)_, 2nd ed. (IEC 60812). IEC, January 2006.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b20eaa0403374972-b2bc45ed-414e4d0c-a66fb76e-6b3d4db1459610e17180bf51"><ac:parameter ac:name="">IEC 61508 4</ac:parameter></ac:structured-macro>
\[IEC 61508-4\]&nbsp; _Functional safety of electrical/electronic/programmable electronic safety-related systems - Part 4: Definitions and abbreviations_, 1998.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="14dfdcf77a036d54-d0a75b12-4f1f4362-8d488bfb-e2af31f4c21d2c74422a1aca"><ac:parameter ac:name="">IEEE Std 610.12 1990</ac:parameter></ac:structured-macro>
\[IEEE Std 610.12 1990\] _IEEE Standard Glossary of Software Engineering Terminology_, September 1990.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="aab810fab6ce4a8e-718d9800-4a1e44c7-96faaf1e-0da807c17ecb42db0d50fa95"><ac:parameter ac:name="">IEEE 754 2006</ac:parameter></ac:structured-macro>
\[IEEE 754 2006\] IEEE. [_Standard for Binary Floating-Point Arithmetic_|http://grouper.ieee.org/groups/754/] (IEEE 754-1985), 2006.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="cf7df445dc3c3ab1-9a869247-4132410c-b468931f-ccc14a30ccc6ee8ef81b84dd"><ac:parameter ac:name="">IEEE Std 1003.1</ac:parameter></ac:structured-macro> <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="c2dbc9d6e50774cf-8ea3fa45-464645bb-a6c1b82f-c3666b36629a5f4be05ddbec"><ac:parameter ac:name="">IEEE Std 1003.1-2008</ac:parameter></ac:structured-macro>
\[IEEE Std 1003.1-2008\] IEEE. [The Open Group Base Specifications Issue 7|http://www.opengroup.org/onlinepubs/9699919799] IEEE Std 1003.1, 2008 Edition. See also [ISO/IEC 9945-2008|#ISO/IEC 9945-2008] and [#Open Group 2008].

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="8345f7e0dbaeac21-8da5dd2d-47724ae9-b6d68945-ff910404a4225935ae9cda55"><ac:parameter ac:name="">IEEE Std 1003.1-2004</ac:parameter></ac:structured-macro> <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="344f3e28670e5ff2-ebdb48f1-4e0246a8-9f71a25a-0fdc50a985a11b5b688a44b4"><ac:parameter ac:name="">ilja 06</ac:parameter></ac:structured-macro>
\[IEEE Std 1003.1, 2004\] IEEE. [The Open Group Base Specifications Issue 6|http://www.opengroup.org/onlinepubs/009695399/] IEEE Std 1003.1, 2004 Edition. See also [ISO/IEC 9945-2004|#ISO/IEC 9945-2004] and [#Open Group 04].

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="dfde249d8c197bb8-3b065fd6-40554ab7-ad2a8415-a8bd6277c04c86648ec66f43"><ac:parameter ac:name="">IEEE 1003</ac:parameter></ac:structured-macro>
\[ilja 2006\] ilja. "[readlink abuse|http://blogs.23.nu/ilja/stories/12551/]." _ilja's blog_, August 13, 2006.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="2e70461d3cc61fd0-3d83d4c5-4c5e4dd5-a5b9af76-b35db75eb5f8b7e4b5d97593"><ac:parameter ac:name="">Intel 01</ac:parameter></ac:structured-macro>
\[Intel 2001\] Intel Corp. [_Floating-Point IEEE Filter for Microsoft\* Windows\* 2000 on the Intel® Itanium™ Architecture_|ftp://download.intel.com/software/opensource/libraries/ieee/ieee_filter_windows2000.pdf], March 2001.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="7eae821a5d131d51-b981e193-4e294ec6-97aebe26-e1232d0ffad886069a003c13"><ac:parameter ac:name="">Internet Society 00</ac:parameter></ac:structured-macro>
\[Internet Society 2000\] The Internet Society. [Internet Security Glossary (RFC 2828)|ftp://ftp.rfc-editor.org/in-notes/rfc2828.txt], 2000.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="112c8471fe8226ec-920ea7cf-42fb47c5-86d9b471-21cc8dbca5221753fa881c6e"><ac:parameter ac:name="">ISO/IEC 646-1991</ac:parameter></ac:structured-macro>
\[ISO/IEC 646:1991\] ISO/IEC. _Information technology: ISO 7-bit coded character set for information interchange_ (ISO/IEC 646-1991). Geneva, Switzerland: International Organization for Standardization, 1991.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="61b87f8ca8facde8-bdcd5181-4dd44d80-b3ddae2d-ab811c0ffa720381f9c56401"><ac:parameter ac:name="">ISO/IEC 9945-2008</ac:parameter></ac:structured-macro>
\[ISO/IEC 9945:2008\] _ISO/IEC 9945:2008 Information technology --- Programming languages, their environments and system software interfaces --- Portable Operating System Interface (POSIX_ _^®^{_}_)_.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="bed7f36898b2beb3-e9782813-4446493d-aae38d58-17b9f0ab031f7fad18930cf6"><ac:parameter ac:name="">ISO/IEC 9945-2003</ac:parameter></ac:structured-macro>
\[ISO/IEC 9945:2003\] _ISO/IEC 9945:2003 (including Technical Corrigendum 1), Information technology --- Programming languages, their environments and system software interfaces --- Portable Operating System Interface (POSIX®)_.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ede35414a7522928-f5968f84-48a041bc-b37eaaa8-d59bdfc09c3a5600a7facd5f"><ac:parameter ac:name="">ISO/IEC 9899-1999</ac:parameter></ac:structured-macro>
\[ISO/IEC 9899:1999\] ISO/IEC. _Programming Languages---C, 2nd ed_ (ISO/IEC 9899:1999). Geneva, Switzerland: International Organization for Standardization, 1999.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b03de53ca6a7c507-28a401e3-4fc242f8-914a927a-ed2c96cc5a23c73d49729015"><ac:parameter ac:name="">ISO/IEC 10646-2003</ac:parameter></ac:structured-macro>
\[ISO/IEC 10646:2003\] _Information technology - Universal Multiple-Octet Coded Character Set (UCS)_ (ISO/IEC 10646:2003). Geneva, Switzerland: International Organization for Standardization, 2003.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f57eaabb717e8c35-907942cf-4da54674-9db5a17e-c5b9059696ffb716958d9dfa"><ac:parameter ac:name="">ISO/IEC 14882-2003</ac:parameter></ac:structured-macro>
\[ISO/IEC 14882:2003\] ISO/IEC. _Programming Languages --- C++, Second Edition_ (ISO/IEC 14882-2003). Geneva, Switzerland: International Organization for Standardization, 2003.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="c93f7e090143f338-c5547c39-45e34b96-bfd2ad21-62bdfc16c2cd54fe86a51f1e"><ac:parameter ac:name="">ISO/IEC 23360-1-2006</ac:parameter></ac:structured-macro>
\[ISO/IEC 23360-1:2006\] [_Linux Standard Base (LSB) core specification 3.1 - Part 1: Generic specification_|http://refspecs.freestandards.org/LSB_3.1.0/LSB-Core-generic/LSB-Core-generic.pdf]

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="51982afaed78f387-0bd38060-4ed64293-ac09ab7a-8021d8d776098dc07aee7643"><ac:parameter ac:name="">ISO/IEC 03</ac:parameter></ac:structured-macro>
\[ISO/IEC 2003\] ISO/IEC. [_Rationale for International Standard --- Programming Languages --- C, Revision 5.10_|http://www.open-std.org/jtc1/sc22/wg14/www/C99RationaleV5.10.pdf]. Geneva, Switzerland: International Organization for Standardization, April 2003.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="3b8d7288da449bcc-07f9b923-47524627-b839956c-3e6b252896f8a4583043bb7d"><ac:parameter ac:name="">ISO/IEC JTC1/SC22/WG11</ac:parameter></ac:structured-macro>
\[ISO/IEC JTC1/SC22/WG11\] ISO/IEC. [_Binding Techniques_|http://www.open-std.org/JTC1/SC22/WG11/] (ISO/IEC JTC1/SC22/WG11), 2007.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="a108db27202108f9-b221b439-49144aa8-a93b962d-ef79bd7ab16b68cba833d366"><ac:parameter ac:name="">ISO/IEC DTR 24732</ac:parameter></ac:structured-macro>
\[ISO/IEC DTR 24732\] ISO/IEC JTC1 SC22 WG14 N1290. [Extension for the programming language C to support decimal floating-point arithmetic|http://www.open-std.org/jtc1/sc22/wg14/www/docs/n1290.pdf], March 2008.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="1706dcf5f165f803-0095cda3-47aa408d-8b6aa04c-210c7a1acdae9a5bb1fdd1b2"><ac:parameter ac:name="">ISO/IEC PDTR 24731-2-2007</ac:parameter></ac:structured-macro>
\[ISO/IEC PDTR 24731-2\] [Extensions to the C Library, --- Part II: Dynamic Allocation Functions|http://www.open-std.org/jtc1/sc22/wg14/www/docs/n1248.pdf], August 2007.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="87d5837834cf0cb9-66ae5953-40484b54-a3e688f2-b2cd8f30c8c74ac76ce42294"><ac:parameter ac:name="">ISO/IEC TR 24772-2010</ac:parameter></ac:structured-macro>
\[ISO/IEC TR 24772:2010\] ISO/IEC TR 24772. _Information Technology_ --- _Programming Languages_ --- _Guidance to Avoiding Vulnerabilities in Programming Languages through Language Selection and Use_, October, 2010.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="255de17caad13335-73abca03-4a4b4eaa-90a5939a-343f0e1980fd41cd49f05c90"><ac:parameter ac:name="">ISO/IEC TR 24731-1-2007</ac:parameter></ac:structured-macro>
\[ISO/IEC TR 24731-1:2007\] ISO/IEC TR 24731. _Extensions to the C Library, --- Part I: Bounds-checking interfaces_. Geneva, Switzerland: International Organization for Standardization, April 2006.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="47b2bbc78e341fcf-cb0ee260-4fac45a8-b4968110-f0f7539363eadaac20e201ba"><ac:parameter ac:name="">ISO/IEC TR 24731-2-2010</ac:parameter></ac:structured-macro>
\[ISO/IEC TR 24731-2:2010\] ISO/IEC TR 24731. _Extensions to the C Library, --- Part II: Dynamic Allocation Functions_. Geneva, Switzerland: International Organization for Standardization, April 2010.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="0a17d8577905b1e9-792c6395-4e494957-b5deaf2d-d82849ddc97bee7c5320b585"><ac:parameter ac:name="">Jack 07</ac:parameter></ac:structured-macro>
\[Jack 2007\] Jack, Barnaby. [_Vector Rewrite Attack_|http://cansecwest.com/csw07/Vector-Rewrite-Attack.pdf], May 2007.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="13a3c0891e52074f-31a583ef-4fea4b01-85849ae6-37a7054e01a02855d2e3c236"><ac:parameter ac:name="">Jones 04</ac:parameter></ac:structured-macro>
\[Jones 2004\] Jones, Nigel. ["Learn a new trick with the offsetof() macro."|http://www.netrino.com/Articles/OffsetOf/index.php] _Embedded Systems Programming_, March 2004.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e77fc8bed09f03cb-78fa8302-42354018-b00bb0c4-918711ef2b044a8b9a6fb374"><ac:parameter ac:name="">Jones 08</ac:parameter></ac:structured-macro>
\[Jones 2008\] Jones, Derek M. [The New C Standard: An economic and cultural commentary|http://www.knosof.co.uk/cbook/]. Knowledge Software Ltd., 2008.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6c908225d1b59a82-71e426a7-427c4ff0-b7059c6e-9c0a33638735234f296409eb"><ac:parameter ac:name="">Jones 09</ac:parameter></ac:structured-macro>
\[Jones 2009\] Jones, Larry. [WG14 N1425 Committee Draft ISO/IEC 9899:201x|http://www.open-std.org/jtc1/sc22/wg14/www/docs/n1425.pdf]. November 24, 2009.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e9880b586710b10c-1ff12642-4a554d74-8376b2f8-659faad9bc6fa5306bf7cc94"><ac:parameter ac:name="">Jones 10</ac:parameter></ac:structured-macro>
\[Jones 2010\] Jones, Larry. [WG14 N1547 Committee Draft ISO/IEC 9899:201x|http://www.open-std.org/jtc1/sc22/wg14/www/docs/n1547.pdf]. December 2, 2010.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="bb86ad9c82f337cc-3f4ad21a-446b4b05-b051833c-89e3dfa90c4f030a21bf9c8e"><ac:parameter ac:name="">Keaton 09</ac:parameter></ac:structured-macro>
\[Keaton 2009\] David Keaton, Thomas Plum, Robert C. Seacord, David Svoboda, Alex Volkovitsky, Timothy Wilson. [As-if Infinitely Ranged Integer Model|http://www.sei.cmu.edu/publications/documents/09.reports/09tn023.html]. CMU/SEI-2009-TN-023. July, 2009.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="11f8e759d0a18302-f7b7f286-49c44c01-85b0adc7-919718daae1650a70a6ebc48"><ac:parameter ac:name="">Keil 08</ac:parameter></ac:structured-macro>
\[Keil 2008\] Keil, an ARM Company. "[Floating Point Support|http://www.keil.com/support/man/docs/armlib/armlib_bihbjiea.htm]." _RealView Libraries and Floating Point Support Guide_, 2008.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="9916da2b52d5c734-4ac5fdec-46a94334-ba1db42d-38c02c4724b4ae5c25d85f38"><ac:parameter ac:name="">Kennaway 00</ac:parameter></ac:structured-macro>
\[Kennaway 2000\] Kennaway, Kris. [Re: /tmp topic|http://lwn.net/2000/1221/a/sec-tmp.php3], December 2000.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="26a02714e8c49f1d-13f94061-46404bd4-a9a69b60-e7eb6f96cce689ea5482e779"><ac:parameter ac:name="">Kernighan 88</ac:parameter></ac:structured-macro>
\[Kernighan 1988\] Kernighan , Brian W., & Ritchie, Dennis M. _The C Programming Language, 2nd ed._ Englewood Cliffs, NJ: Prentice-Hall, 1988.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="aae5d7acb11ee305-f4eeb31b-4eeb4df4-9d47856e-494845a3258ad18522f47b7b"><ac:parameter ac:name="">Kernighan 147</ac:parameter></ac:structured-macro>
\[Kernighan 147\] Kernighan , Brian W., & Ritchie, Dennis M. _The C Programming Language, 2nd ed._ Englewood Cliffs, NJ: Prentice-Hall, 1988.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="24547b0a46731fbc-9624978f-4ae54d9f-bdff8bf2-35cfb95cac370182e2e88537"><ac:parameter ac:name="">Kettle 02</ac:parameter></ac:structured-macro>
\[Kettlewell 2002\] Kettlewell, Richard. [_C Language Gotchas_|http://www.greenend.org.uk/rjk/2001/02/cfu.html], February 2002.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ffae68756f19685e-c4d5cca8-4761433b-971189e0-aa079849071b49033851234d"><ac:parameter ac:name="">Kettle 03</ac:parameter></ac:structured-macro>
\[Kettlewell 2003\] Kettlewell, Richard. [_Inline Functions In C_|http://www.greenend.org.uk/rjk/2003/03/inline.html], March 2003.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="a9e0ee05d557cfb2-1b6279e8-460b4820-aee29927-18024b252cdf0b0875920552"><ac:parameter ac:name="">Kirch-Prinz 02</ac:parameter></ac:structured-macro>
\[Kirch-Prinz 2002\] Kirch-Prinz, Ulla & Prinz, Peter. _C Pocket Reference_. Sebastopol, CA: O'Reilly, November 2002 (ISBN: 0-596-00436-2).

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="08e67b5168d1328c-a8aedbd6-439f40c8-bd8bbc9f-d9213b4fbf9e43875f2cad63"><ac:parameter ac:name="">Klarer 04</ac:parameter></ac:structured-macro>
\[Klarer 2004\] Klarer, R., Maddock, J., Dawes, B. & Hinnant, H. "Proposal to Add Static Assertions to the Core Language (Revision 3)." ISO C+\+ committee paper ISO/IEC JTC1/SC22/WG21/N1720, October 2004. Available at [http://www.open-std.org/jtc1/sc22/wg21/docs/papers/2004/n1720.html].

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ccd07c65ac1c9f3e-bf233206-47fa4ba3-b7089380-a89faa893fcd8f6d290b03c2"><ac:parameter ac:name="">Klein 02</ac:parameter></ac:structured-macro>
\[Klein 2002\] Klein, Jack. [_Bullet Proof Integer Input Using strtol()_|http://home.att.net/~jackklein/c/code/strtol.html], 2002.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="aaf681328e2aeb4c-a8209ddd-479a425c-9dcfa433-e9c8f853437d5fdfec0c9a2c"><ac:parameter ac:name="">Koenig 89</ac:parameter></ac:structured-macro>
\[Koenig 1989\] Koenig, Andrew. _C Traps and Pitfalls_. Addison-Wesley Professional, January 1, 1989.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e89ae8cd99f4d74f-0ba22c34-4d4e4ab2-bee18f95-56c1f18b4e3ab5709fe4a020"><ac:parameter ac:name="">Kuhn 06</ac:parameter></ac:structured-macro>
\[Kuhn 2006\] Kuhn, Markus. [_UTF-8 and Unicode FAQ for Unix/Linux_|http://www.cl.cam.ac.uk/~mgk25/unicode.html], 2006.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="87eb580931820d9b-1068a50b-454541c7-8b5aacdd-7fb59b7f1b6437871bdc503a"><ac:parameter ac:name="">Lai 06</ac:parameter></ac:structured-macro>
\[Lai 2006\] Lai, Ray. "[Reading Between the Lines|http://undeadly.org/cgi?action=article&sid=20061027031811]." _OpenBSD Journal_, October 2006.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ab4bdb11b7bf893c-b5054fd1-4e2a4f40-a9148713-a580eb1a267094905f27f594"><ac:parameter ac:name="">Lewis 06</ac:parameter></ac:structured-macro>
\[Lewis 2006\] Lewis, Richard. "[Security Considerations When Handling Sensitive Data|http://secureapps.blogspot.com/2006/10/security-considerations-when-handling.html]." Posted on the Application Security by Richard Lewis blog October 2006.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="1ecaaea2c3686d3e-c420e5de-4f1b47a7-b15db558-fed24bf07f45282ed0aa28bf"><ac:parameter ac:name="">Linux 08</ac:parameter></ac:structured-macro>
\[Linux 2008\] [Linux Programmer's Manual|http://www.kernel.org/doc/man-pages/online_pages.html], October 2008.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="5a169351774ff978-b356a3a3-44cd401a-a65b9a1f-75d706b8089bfaea793c23e8"><ac:parameter ac:name="">Lions 96</ac:parameter></ac:structured-macro>
\[Lions 1996\] Lions, J. L. [ARIANE 5 Flight 501 Failure Report|http://en.wikisource.org/wiki/Ariane_501_Inquiry_Board_report]. Paris, France: European Space Agency (ESA) & National Center for Space Study (CNES) Inquiry Board, July 1996.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="61a63dd98fce5e20-58fbdc62-4d244e10-8b24990c-dfa2436a2db27163da6fcbbd"><ac:parameter ac:name="">Lipson 00</ac:parameter></ac:structured-macro>
\[Lipson 2000\] Lipson, Howard & Fisher, David. "Survivability: A New Technical and Business Perspective on Security," 33-39. _Proceedings of the 1999 New Security Paradigms Workshop_. Caledon Hills, Ontario, Canada, Sept. 22-24, 1999. New York: Association for Computing Machinery, 2000.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e44422e39db8638d-e5f2ec14-4f4e403a-89b5a299-9686131904f89e41b2bc856f"><ac:parameter ac:name="">Lipson 06</ac:parameter></ac:structured-macro>
\[Lipson 2006\] Lipson, Howard. _Evolutionary Systems Design: Recognizing Changes in Security and Survivability Risks_ (CMU/SEI-2006-TN-027).&nbsp; Pittsburgh, PA: Software Engineering Institute, Carnegie Mellon University, 2006.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="5ae8ab91bfe1ffb8-db31080a-49a440a6-80588088-f185a1af97f477fd43dba1a2"><ac:parameter ac:name="">Lipson 2009</ac:parameter></ac:structured-macro>
\[Liu 2009\] Likai Liu. [Making NULL-pointer reference legal|http://lifecs.likai.org/2009/01/making-null-pointer-reference-legal.html], Life of a Computer Science Student, January, 2009.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="5fb958c36fc16690-4172e12f-403e48ed-81b08e4a-81fc144803cd97cd4cbc4f66"><ac:parameter ac:name="">Lockheed Martin 05</ac:parameter></ac:structured-macro>
\[Lockheed Martin 2005\] Lockheed Martin. "[Joint Strike Fighter Air Vehicle C+\+ Coding Standards for the System Development and Demonstration Program.|http://www.research.att.com/~bs/JSF-AV-rules.pdf]" Document Number 2RDU00001 Rev C., December 2005.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6ec151be5033441b-e33d3369-4836478f-9cf5ac56-4fba911771af100dbf5afef2"><ac:parameter ac:name="">Loosemore 07</ac:parameter></ac:structured-macro>
\[Loosemore 2007\] Loosemore, Sandra, Stallman, Richard M., McGrath, Roland, Oram, Andrew, & Drepper, Ulrich. [The GNU C Library Reference Manual|http://www.gnu.org/software/libc/manual/], Edition 0.11, September 2007.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="62fdefa99eac44a9-e491db9e-41dc46bc-9bf180c7-35d70d7f264ca824a9019389"><ac:parameter ac:name="">McCluskey 01</ac:parameter></ac:structured-macro>
\[McCluskey 2001\] [_flexible array members and designators in C9X_|http://www.usenix.org/publications/login/2001-07/pdfs/mccluskey.pdf] ;login:, July 2001, Volume 26, Number 4, p. 29---32.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="5ba0a015b408fadc-6ca925f9-4eae4c02-b3d89d64-05d55924847538381c1199a7"><ac:parameter ac:name="">Mell 07</ac:parameter></ac:structured-macro>
\[Mell 2007\] P. Mell, K. Scarfone, and S. Romanosky, "A Complete Guide to the Common Vulnerability Scoring System Version 2.0", FIRST, June 2007.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="68c245217dc498df-c58f82c4-4e3a4bf8-b6ac9e1f-d0bf69d3b10b3120b86b3764"><ac:parameter ac:name="">mercy 06</ac:parameter></ac:structured-macro>
\[mercy\] mercy. [_Exploiting Uninitialized Data_|http://www.felinemenace.org/papers/UBehavior.zip], January 2006.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="1b7b8bb164330905-36ea3e15-46174071-97d3bd19-6108759f866b193f50f63b74"><ac:parameter ac:name="">Meyers 2004</ac:parameter></ac:structured-macro>
\[Meyers 2004\] Randy Meyers. [Limited size_t|http://www.open-std.org/jtc1/sc22/wg14/www/docs/n1080.pdf] WG14 N1080. September, 2004.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6c61c5c7377a5fa7-6bab9309-44c749fd-b00bb2b2-6aa3bf110752250c9dc32b68"><ac:parameter ac:name="">Microsoft 03</ac:parameter></ac:structured-macro>
\[Microsoft 2003\] Microsoft Security Bulletin MS03-026, "[Buffer Overrun In RPC Interface Could Allow Code Execution (823980)|http://www.microsoft.com/technet/security/bulletin/MS03-026.mspx]," September 2003.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f5c236154136d236-da266fb4-44ac4e33-a4a4b3d2-3a844ef0f8beb7cb1418958f"><ac:parameter ac:name="">Microsoft 07</ac:parameter></ac:structured-macro>
\[Microsoft 2007\] [C Language Reference|http://msdn2.microsoft.com/en-us/library/fw5abdx6(VS.80).aspx], 2007.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b4cebabfa1e3bd0f-ba28ee72-402b4a43-85fb9343-c2eb9eb131ddce736551a30a"><ac:parameter ac:name="">Miller 99</ac:parameter></ac:structured-macro>
\[Miller 1999\] Todd C. Miller and Theo de Raadt. strlcpy and strlcat - Consistent, Safe, String Copy and Concatenation. In Proceedings of the FREENIX Track, 1999 USENIX Annual Technical Conference.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ee5cc877cb004cec-0dca2634-495c4486-9cc99d7c-1287c07eb236f71386e2b9f6"><ac:parameter ac:name="">Miller 04</ac:parameter></ac:structured-macro>
\[Miller 2004\] Miller, Mark C., Reus, James F., Matzke, Robb P., Koziol, Quincey A., & Cheng, Albert P. "[Smart Libraries: Best SQE Practices for Libraries with an Emphasis on Scientific Computing|https://wci.llnl.gov/codes/smartlibs/UCRL-JRNL-208636.pdf]." _Proceedings of the Nuclear Explosives Code Developer's Conference_, December 2004.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d714ef0dbe24177e-15593b7f-44c14816-b7af8255-4551e1118ff9b22a477e5077"><ac:parameter ac:name="">MISRA 04</ac:parameter></ac:structured-macro>
\[MISRA 2004\] MISRA Limited. "[MISRA C|http://www.misra.org.uk/]: 2004 Guidelines for the Use of the C Language in Critical Systems." Warwickshire, UK: MIRA Limited, October 2004 (ISBN 095241564X).

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ae15096d16bbfae5-47156faa-4deb4df3-aee5849a-4131ccb2ccec2a849c681790"><ac:parameter ac:name="">MISRA 08</ac:parameter></ac:structured-macro>
\[MISRA 2008\] MIRA Limited. "[MISRA C+\+|http://www.misra.org.uk/]: 2008 "Guidelines for the Use of the C+\+ Language in Critical Systems", ISBN 978-906400-03-3 (paperback), ISBN 978-906400-04-0 (PDF), June 2008.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="61ecdefc5824e5b0-31d737bb-4b3a4d7e-aef395b7-0435eec95e7dab7b4e0eef7b"><ac:parameter ac:name="">MIT 04</ac:parameter></ac:structured-macro>
\[MIT 2004\] MIT. "[MIT krb5 Security Advisory 2004-002|hhttp://web.mit.edu/kerberos/advisories/MITKRB5-SA-2004-002-dblfree.txt], 2004.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="10ad49d300b90c62-c05b81a6-412d461d-950fa310-36157c6a1d5df8f0d2543777"><ac:parameter ac:name="">MIT 05</ac:parameter></ac:structured-macro>
\[MIT 2005\] MIT. "[MIT krb5 Security Advisory 2005-003|http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2005-003-recvauth.txt], 2005.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="98e1ceaf97d40993-718ec84b-4b1a41b4-8bdfbc0a-c709688f719d8174a06e8f77"><ac:parameter ac:name="">MITRE</ac:parameter></ac:structured-macro>
\[MITRE\] MITRE. [Common Weakness Enumeration, Version 1.8|http://cwe.mitre.org/], February 2010.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b70c66ef10d69154-da692863-44784e5a-ae42bdbf-22c9cef7dff5e2c8bd1cd13a"><ac:parameter ac:name="">MITRE 07</ac:parameter></ac:structured-macro>
\[MITRE 2007\] MITRE. [Common Weakness Enumeration, Draft 9|http://cwe.mitre.org/], April 2008.
\\

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="648d8a705278e2f3-ff4712c5-4b0f42c4-a08988af-c214b972825f67f922e5eb33"><ac:parameter ac:name="">MKS</ac:parameter></ac:structured-macro>
\[MKS\] MKS Inc. [MKS Reference Pages|http://www.mkssoftware.com/docs/api_index.asp/]

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6dbcaeea3048fc90-f68212fe-4acb45b1-bbaa9894-4099639ab3fbe116115da990"><ac:parameter ac:name="">MSDN</ac:parameter></ac:structured-macro>
\[MSDN\] [Microsoft Developer Network|http://msdn.microsoft.com/en-us/default.aspx].

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="27be124cb0182336-7c07625b-4d114837-9f62bc84-627d474dd09178cd82867529"><ac:parameter ac:name="">Murenin 07</ac:parameter></ac:structured-macro>
\[Murenin 2007\] Murenin, Constantine A. "[cnst: 10-year-old pointer-arithmetic bug in make(1) is now gone, thanks to malloc.conf and some debugging|http://cnst.livejournal.com/24040.html]," June 2007.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="9322bcedda711b27-b8e62e00-45ff4551-87e5866a-71a403fcd90e02ec6f43ec89"><ac:parameter ac:name="">NAI 98</ac:parameter></ac:structured-macro>
\[NAI 1998\] Network Associates Inc. [Bugtraq: Network Associates Inc. Advisory (OpenBSD)|http://seclists.org/bugtraq/1998/Aug/0071.html], 1998.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="85d620af87609c74-28dca7b5-46d04170-9c319139-c3864bf0f0e43694d463f28a"><ac:parameter ac:name="">NASA-GB-1740.13</ac:parameter></ac:structured-macro>
\[NASA-GB-1740.13\] NASA Glenn Research Center, Office of Safety Assurance Technologies. [_NASA Software Safety Guidebook_|http://pbma.nasa.gov/docs/public/pbma/general/guidbook.doc] (NASA-GB-1740.13).

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="5bb21b4614739720-db918ee6-44d642db-9d7187f6-0810a37726885929554e8e86"><ac:parameter ac:name="">NIST 06</ac:parameter></ac:structured-macro>
\[NIST 2006\] NIST. [_SAMATE Reference Dataset_|http://samate.nist.gov/SRD/], 2006.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="07cd6c7ea1119337-44284cfe-4d784564-b8a09964-12395d5667e5a55b5d9c853e"><ac:parameter ac:name="">OpenBSD</ac:parameter></ac:structured-macro>
\[OpenBSD\] Berkley Software Design, Inc. [Manual Pages|http://www.openbsd.org/cgi-bin/man.cgi], June 2008.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="30709e0c9ab3f4ae-df0d930b-449d4768-8c9d8e76-7066433e6bcf5b2c7f6427ac"><ac:parameter ac:name="">POSIX.1-2008</ac:parameter></ac:structured-macro><ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="05850b63c72a8a0c-538a7a5d-41634d73-86679df5-d1bd6682f06f2a0b0055c538"><ac:parameter ac:name="">IEEE Std 1003.1-2008</ac:parameter></ac:structured-macro><ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="12aeca7d0c2b2def-cb2e14d6-411f494b-b6aca52e-c1dcb2ab2a63a3e52592a847"><ac:parameter ac:name="">ISO/IEC 9945:2008</ac:parameter></ac:structured-macro><ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="a99c483a72ee9e4f-f759b15e-418d409d-b01184bd-3a9a3c5733cd6e6e3c96edbb"><ac:parameter ac:name="">Open Group 08</ac:parameter></ac:structured-macro>\[Open Group 2008\] The Open Group. "[_The Open Group Base Specifications Issue 7, IEEE Std 1003.1, 2008 Edition_|http://www.opengroup.org/onlinepubs/9699919799/toc.htm]." (2008). See also [IEEE Std 1003.1-2008|#IEEE Std 1003.1-2008].

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="342005f025c17449-4bded644-4681432d-b19bae2f-68c6caa21e6880632fbe4ab0"><ac:parameter ac:name="">Open Group 97a</ac:parameter></ac:structured-macro>
\[Open Group 1997a\] The Open Group. [_The Single UNIX® Specification, Version 2_|http://www.opengroup.org/onlinepubs/7990989775/toc.htm], 1997.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="5ce86a3d91ac9827-521ee4dc-45c24375-b6e8acf4-897f0ac4caf4a6a1fdca5c39"><ac:parameter ac:name="">Open Group 97b</ac:parameter></ac:structured-macro>
\[Open Group 1997b\] The Open Group. [_Go Solo 2---The Authorized Guide to Version 2 of the Single UNIX Specification_|http://www.unix.org/whitepapers/64bit.html], May 1997.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="481b17c654d04239-c44ab1e5-4ff34148-bd8388de-6a7f559a17637363883652ba"><ac:parameter ac:name="">POSIX.1-2004</ac:parameter></ac:structured-macro><ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d2903aad3ecca59c-f41d172d-4c244a7e-8ba4abf2-5714e57e4bf5fe309bfc7fb6"><ac:parameter ac:name="">IEEE Std 1003.1-2004</ac:parameter></ac:structured-macro><ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="047c91b834b13245-07423b8d-46ed478c-a5b18e43-4206a3d51d87ffe7fa6f2491"><ac:parameter ac:name="">ISO/IEC 9945:2003</ac:parameter></ac:structured-macro><ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="eeb833bc221c1249-0b9b35bd-4f934b96-a4239056-d0556007f2b95dd54415f7d2"><ac:parameter ac:name="">Open Group 04</ac:parameter></ac:structured-macro>\[Open Group 2004\] The Open Group. "[_The Open Group Base Specifications Issue 6, IEEE Std 1003.1, 2004 Edition_|http://www.opengroup.org/onlinepubs/009695399/toc.htm]." (2004). See also [IEEE Std 1003.1-2004|#IEEE Std 1003.1-2004].

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="4c11e647b163f45f-491b1494-4cb440da-b204a937-e1dc9ea02b46595597545b52"><ac:parameter ac:name="">OpenMP</ac:parameter></ac:structured-macro>
\[OpenMP\] [http://openmp.org/wp/|http://openmp.org/wp/]

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="8263e6b428a64007-2161729f-4ce2462f-8800834f-4ecb801671c8859a7bc85214"><ac:parameter ac:name="">OWASP Double Free</ac:parameter></ac:structured-macro>
\[OWASP Double Free\] Open Web Application Security Project, "[Double Free|http://www.owasp.org/index.php/Double_Free]."

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ab1a2b3f33827a2a-c57e52df-41814344-a4769608-f95bcbd293e522d91052c8cf"><ac:parameter ac:name="">OWASP Freed Memory</ac:parameter></ac:structured-macro>
\[OWASP Freed Memory\] Open Web Application Security Project, "[Using freed memory|http://www.owasp.org/index.php/Using_freed_memory]."

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="a9f19009230ea262-d352741e-43bf4adb-a88a90bb-048c9528f2556b555d972e97"><ac:parameter ac:name="">Pethia 03</ac:parameter></ac:structured-macro>
\[Pethia 2003\] Pethia, Richard D. "[Viruses and Worms: What Can We Do About Them?|http://www.cert.org/congressional_testimony/Pethia-Testimony-9-10-2003/]" September 10, 2003.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="94b0d7a6001d9d61-71b215bf-4bfb4451-a5498ffe-992b8bcd8f1ae4a311b17c5b"><ac:parameter ac:name="">Pfaff 04</ac:parameter></ac:structured-macro>
\[Pfaff 2004\] Pfaff, Ken Thompson. "[Casting (time_t)(-1)|http://groups.google.com/group/comp.lang.c/browse_thread/thread/8983d8d729244f2b/ea0e2972775a1114?#ea0e2972775a1114]." _Google Groups comps.lang.c_, March 2, 2004.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ea926c30e25857ba-d53f7a2c-4492402e-9e05bf32-134d8294e4991dfd18b4a7c8"><ac:parameter ac:name="">Pike 93</ac:parameter></ac:structured-macro>
\[Pike 1993\] Pike, Rob & Thompson, Ken. "Hello World." _Proceedings of the USENIX Winter 1993 Technical Conference_, San Diego, CA, January 25-\--29, 1993, pp. 43-\--50.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="374ab886eb1230b7-63133c2c-4acc403a-a23b8801-41db3c65d642ba14cad78530"><ac:parameter ac:name="">Plakosh 05</ac:parameter></ac:structured-macro>
\[Plakosh 2005\] Plakosh, Dan. [_Consistent Memory Management Conventions_|https://buildsecurityin.us-cert.gov/daisy/bsi/articles/knowledge/coding/476.html], 2005.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="46459b10531ab102-029f4098-47664518-98489396-e2390725c32f92ac7e7c5861"><ac:parameter ac:name="">Plum 85</ac:parameter></ac:structured-macro>
\[Plum 1985\] Plum, Thomas. _Reliable Data Structures in C_. Kamuela, HI: Plum Hall, Inc., 1985 (ISBN 0-911537-04-X).

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="481ab96f57d6390e-8db26e05-42db4e95-916aa14e-0c97788d2d7197ee3bb53d65"><ac:parameter ac:name="">Plum 89</ac:parameter></ac:structured-macro>
\[Plum 1989\] Plum, Thomas, & Saks, Dan. _C Programming Guidelines, 2nd ed_. Kamuela, HI: Plum Hall, 1989 (ISBN 0911537074).

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="09d1c7c73ba48eb6-b26ffd09-44f1468a-923792eb-866da0c26828f5cb0576097b"><ac:parameter ac:name="">Plum 91</ac:parameter></ac:structured-macro>
\[Plum 1991\] Plum, Thomas. _C+\+ Programming_. Kamuela, HI: Plum Hall, 1991 (ISBN 0911537104).

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="7a71679489856a7c-b0196818-44b84262-86ae94c1-6340c56ab8b600b9f65e36e2"><ac:parameter ac:name="">Plum 08</ac:parameter></ac:structured-macro>
\[Plum 2008\] Plum, Thomas. Static Assertions. June, 2008. [http://www.open-std.org/jtc1/sc22/wg14/www/docs/n1330.pdf]

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6a03aa5886c7a733-e03a5a11-4ae2499e-b08e8f6a-eed0f7bc4a10fd746c1e2b6d"><ac:parameter ac:name="">Redwine 06</ac:parameter></ac:structured-macro>
\[Redwine 2006\] Redwine, Samuel T., Jr., ed. _Secure Software Assurance: A Guide to the Common Body of Knowledge to Produce, Acquire, and Sustain Secure Software Version 1.1_. U.S. Department of Homeland Security, September 2006. See [Software Assurance Common Body of Knowledge|https://buildsecurityin.us-cert.gov/daisy/bsi/resources/dhs/95.html] on Build Security In.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="4ff784f66d86d823-cc5819ff-49974fc3-a4a29b27-6f2f7ab19e4809c97f604f1e"><ac:parameter ac:name="">RUS-CERT</ac:parameter></ac:structured-macro>
\[RUS-CERT\] RUS-CERT Advisory 2002-08:02, "[Flaw in calloc and similar routines|http://cert.uni-stuttgart.de/advisories/calloc.php]," 2002.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="53a087fcba4d9f3d-daf4f4a1-4d4942af-972cbd4d-fae2155f29fdbc31db2605f1"><ac:parameter ac:name="">Saltzer 74</ac:parameter></ac:structured-macro>
\[Saltzer 1974\] Saltzer, J. H. Protection and the Control of Information Sharing in Multics. _Communications of the ACM 17_, 7 (July 1974): 388---402.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="65acba691b8bb105-f76c03a7-46494e0b-97338fcf-d6bfa692257ab1fdff2f65af"><ac:parameter ac:name="">Saltzer 75</ac:parameter></ac:structured-macro>
\[Saltzer 1975\] Saltzer, J. H., & Schroeder, M. D. "The Protection of Information in Computer Systems." _Proceedings of the IEEE 63_, 9 (September 1975): 1278-1308.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="7324d642f8af04ba-50e260c7-4bd44cdf-b35993b6-4cf80842a57cc77916f66625"><ac:parameter ac:name="">Saks 99</ac:parameter></ac:structured-macro>
\[Saks 1999\] Saks, Dan. "[const T vs.T const|http://www.dansaks.com/articles/1999-02%20const%20T%20vs%20T%20const.pdf]." _Embedded Systems Programming_, February 1999, pp. 13-16.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="a38fcef1967c5a50-912db19e-448c4896-b7a19723-786fb10702d2a760bc90c2f2"><ac:parameter ac:name="">Saks 00</ac:parameter></ac:structured-macro>
\[Saks 2000\] Saks, Dan. "[Numeric Literals|http://www.embedded.com/2000/0009/0009pp.htm]." _Embedded Systems Programming_, September 2000.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ff2b9fb9079d6413-5d496554-4968440f-bb53abc8-e3183e3f6321184c417dc2f2"><ac:parameter ac:name="">Saks 01a</ac:parameter></ac:structured-macro>
\[Saks 2001a\] Saks, Dan. "[Symbolic Constants|http://www.embedded.com/story/OEG20011016S0116]." _Embedded Systems Design_, November 2001.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6b262ca0a59e272a-6a34e790-4e4d460c-8519b157-f5d4f964826a4948bc2da70a"><ac:parameter ac:name="">Saks 01b</ac:parameter></ac:structured-macro>
\[Saks 2001b\] Saks, Dan. "[Enumeration Constants vs. Constant Objects|http://www.embedded.com/columns/programmingpointers/9900402]." _Embedded Systems Design_, November 2001.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="fa12c9a374de40fc-887522ce-42be4a4c-8cd4a7e8-c1343bfb27cb8a34f399c2be"><ac:parameter ac:name="">Saks 02</ac:parameter></ac:structured-macro>
\[Saks 2002\] Saks, Dan. "[Symbolic Constant Expressions|http://www.embedded.com/story/OEG20020124S0117]." _Embedded Systems Design_, February 2002.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="86fa31fc070ad46d-992d2a70-4c8c4a3b-a923850d-32ebabc30f44facdea11694f"><ac:parameter ac:name="">Saks 05</ac:parameter></ac:structured-macro>
\[Saks 2005\] Saks, Dan. "[Catching Errors Early with Compile-Time Assertions|http://www.embedded.com/columns/programmingpointers/164900888?_requestid=287187]." _Embedded Systems Design_, June 2005.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e14b6194cabc47a7-b83c3d63-43814872-8f67abed-a77bdf086fbbdf9bdca6680e"><ac:parameter ac:name="">Saks 07a</ac:parameter></ac:structured-macro>
\[Saks 2007a\] Saks, Dan. "[Sequence Points|http://www.embedded.com/columns/programmingpointers/9900661?_requestid=481957]" _Embedded Systems Design_, July 1, 2002.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="0308166acb369c77-8f734f7f-47b84d93-bbbd8eed-1d6d60a1f4f13e55b7657b97"><ac:parameter ac:name="">Saks 07b</ac:parameter></ac:structured-macro>
\[Saks 2007b\] Saks, Dan. [Bail, return, jump, or . . . throw?|http://www.embedded.com/columns/programmingpointers/197008821]. _Embedded Systems Design_, March 2007.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="c1cde42571563c59-d428df39-49da48db-8c519c7d-912d6d01e0a0cd985c01e1a5"><ac:parameter ac:name="">Saks 08</ac:parameter></ac:structured-macro>
\[Saks 2008\] Saks, Dan, & Dewhurst, Stephen C. "Sooner Rather Than Later: Static Programming Techniques for C++" (presentation, March 2008).

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="70f13029544453ed-3efae444-4e034b8f-a274884a-f1cf0d9f4bc31608bda7d198"><ac:parameter ac:name="">Schwarz 05</ac:parameter></ac:structured-macro>
\[Schwarz 2005\] Schwarz, B., Wagner, Hao Chen, Morrison, D., West, G., Lin, J., & Tu, J. Wei. "Model checking an entire Linux distribution for security violations." _Proceedings of the 21st Annual Computer Security Applications Conference_, December 2005 (ISSN 1063-9527; ISBN 0-7695-2461-3).

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="053c89e9c780331f-c0834445-41ea4748-adeea3d7-3a689e8ec419a3c6fce286e1"><ac:parameter ac:name="">Seacord 03</ac:parameter></ac:structured-macro>
\[Seacord 2003\] Seacord, Robert C., Plakosh, Daniel, & Lewis, Grace A. [_Modernizing Legacy Systems: Software Technologies, Engineering Processes, and Business Practices_|http://www.informit.com/store/product.aspx?isbn=0321118847]. Addison-Wesley, February 2003.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="7628aa6ae771adb8-e3967c1d-4f4e4f92-b277a635-1f83f30b6a44cf6e7773b44c"><ac:parameter ac:name="">Seacord 05</ac:parameter></ac:structured-macro><ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="59d1f37d02ce7319-13e8351e-4ea64044-aaa482e2-0d498ad29d10201356be58cb"><ac:parameter ac:name="">Seacord 05a</ac:parameter></ac:structured-macro>
\[Seacord 2005a\] Seacord, Robert C. _Secure Coding in C and C+\+_. Boston, MA: Addison-Wesley, 2005. See [http://www.cert.org/books/secure-coding] for news and errata.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e07696620709063b-7b75dd2c-43c44f71-9099b212-2cb5a17e55338b4b4011a835"><ac:parameter ac:name="">Seacord 05b</ac:parameter></ac:structured-macro>
\[Seacord 2005b\] Seacord, Robert C. "Managed String Library for C, C/C++." _Users Journal_ _23_, 10 (October 2005): 30---34.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="1e74aceca8ab62fc-f27c2516-4b6248da-8831b5e1-597e556bd7dd165565512af0"><ac:parameter ac:name="">Seacord 05c</ac:parameter></ac:structured-macro>
\[Seacord 2005c\] Seacord, Robert C. [_Variadic Functions: How they contribute to security vulnerabilities and how to fix them_|http://www.cert.org/books/secure-coding/LWM%203-11%20%28Seacord%29.pdf]. _Linux World Magazine_, November 2005.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="9664efa772d6dff3-3f42b071-465248a8-8424be53-e22b1ebfa01937ccd5834688"><ac:parameter ac:name="">Secunia</ac:parameter></ac:structured-macro>
\[Secunia\] Secunia Advisory SA10635, "[HP-UX calloc Buffer Size Miscalculation Vulnerability|http://secunia.com/advisories/10635/]," 2004.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="75f5217851b685a0-3c0a0866-4ad744bc-858ea958-c4fef13ff9474c6a93f8e5f8"><ac:parameter ac:name="">SecurityFocus 07</ac:parameter></ac:structured-macro>
\[SecurityFocus 2007\] SecurityFocus. "[Linux Kernel Floating Point Exception Handler Local Denial of Service Vulnerability|http://www.securityfocus.com/bid/10538/discuss]," 2001.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b652f693af1ef709-31fc9539-4f6e4139-880f9518-c7304e4285667c47a91a9ccc"><ac:parameter ac:name="">SecuriTeam 07</ac:parameter></ac:structured-macro>
\[SecuriTeam 2007\] SecuriTeam. "[Microsoft Visual C+\+ 8.0 Standard Library Time Functions Invalid Assertion DoS (Problem 3000)|http://www.securiteam.com/windowsntfocus/5MP0D0UKKO.html]," February 13, 2007.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="fa596101b8f144b9-efbc9642-49c24eb4-9d9491d9-5e501ea74fae43fbab0e523b"><ac:parameter ac:name="">Sloss 04</ac:parameter></ac:structured-macro>
\[Sloss 2004\] Sloss, Andrew, Symes, Dominic, & Wright, Chris. [_ARM System Developer's Guide_|http://www.arm.com/documentation/books/4975.html]. San Francisco:Elsevier/Morgan Kauffman, 2004 (ISBN-10: 1558608745; ISBN-13: 978-1558608740).

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e3ab14a038a8ad8f-6d384f16-43904c29-abbeb71e-638f0ef7784425abd955d610"><ac:parameter ac:name="">Spinellis 06</ac:parameter></ac:structured-macro>
\[Spinellis 2006\] Spinellis, Diomidis. [_Code Quality: The Open Source Perspective_|http://www.spinellis.gr/codequality]. Addison-Wesley, 2006.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="dbb82cd5ed87c848-271cedc5-4cdb4d83-aad5b006-cc84b8af8031c2961335cc24"><ac:parameter ac:name="">StackOvflw 09</ac:parameter></ac:structured-macro>
\[StackOvflw 2009\] ["Should I return TRUE / FALSE values from a C function?"|http://stackoverflow.com/questions/559061/should-i-return-true-false-values-from-a-c-function] StackOverflow.com User Questions. March 15, 2010.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ed88804cff48301a-0ac3b5e7-4a2941fd-ae5f9f94-97d49012110b190508c16278"><ac:parameter ac:name="">Steele 77</ac:parameter></ac:structured-macro>
\[Steele 1977\] Steele, G. L. "[Arithmetic shifting considered harmful|http://doi.acm.org/10.1145/956641.956647]." _SIGPLAN Not._ 12, 11 (November 1977), 61-69.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="826559bc-a416-475e-8274-2672b005901c"><ac:parameter ac:name="">Stevens 05</ac:parameter></ac:structured-macro>
\[Stevens 2005\] Stevens, W. Richard.  _Advanced Programming in the UNIX Environment_. Boston, MA: Addison-Wesley, 1995 (ISBN 032152594-9).

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="2bef91a6971ccf78-aa1ebe2f-40964a58-a1adb420-c5b842c88763129149bdc339"><ac:parameter ac:name="">Summit 95</ac:parameter></ac:structured-macro>
\[Summit 1995\] Summit, Steve. _C Programming FAQs: Frequently Asked Questions_. Boston, MA: Addison-Wesley, 1995 (ISBN 0201845199).

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e4ed1501381111b9-90799eec-40d348fd-8b07892b-a3c70be1368e596a2e2ac9a8"><ac:parameter ac:name="">Summit 05</ac:parameter></ac:structured-macro>
\[Summit 2005\] Summit, Steve. [_comp.lang.c Frequently Asked Questions_|http://www.faqs.org/faqs/comp.lang.c/C-FAQ-list/?], 2005.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d7b245606f5a1a56-fe863ff9-4b8143d0-833587c4-1a75911b6843f0a7c59f8404"><ac:parameter ac:name="">Sun</ac:parameter></ac:structured-macro>
\[Sun\] [Sun Security Bulletin #00122|http://sunsolve.sun.com/search/document.do?assetkey=1-22-00122-1], 1993.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="3a7ca629946a4413-2795ffde-472e4b87-b8cc9e18-f3ded2d356db6ad795c93c78"><ac:parameter ac:name="">Sun 05</ac:parameter></ac:structured-macro>
\[Sun 2005\] [C User's Guide|http://docs.sun.com/source/819-3688/]. 819-3688-10. Sun Microsystems, Inc., 2005.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="400337892e7e9c83-b52b9a22-472f4553-8a23861d-01ef0650941232a602430c09"><ac:parameter ac:name="">Sutter 04</ac:parameter></ac:structured-macro>
\[Sutter 2004\] Sutter, Herb & Alexandrescu, Andrei. C+\+ Coding Standards: 101 Rules, Guidelines, and Best Practices. Boston, MA:Addison-Wesley Professional, 2004 (ISBN 0321113586).

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="5deed0299f1d9016-44e40b53-4fc5451b-88e8be28-553369326cfb888bef7ebf25"><ac:parameter ac:name="">Tsafrir 08</ac:parameter></ac:structured-macro>
\[Tsafrir 2008\] Tsafrir, Dan, Da Silva, Dilma, & Wagner, David. [The Murky Issue of Changing Process Identity: Revising "Setuid Demystified"|http://www.eecs.berkeley.edu/~daw/papers/setuid-login08b.pdf] USENIX, June 2008, pages 55-66

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="dc6edc77992b06d8-071762bb-41a242b8-89df8e27-e1bd24629904c16462eee6fc"><ac:parameter ac:name="">Unicode 06</ac:parameter></ac:structured-macro>
\[Unicode 2006\] The Unicode Consortium. [The Unicode Standard|http://www.unicode.org/standard/standard.html], Version 5.0. Addison-Wesley Professional; 5th edition (November 3, 2006) ISBN: 0321480910.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="88b6151d8b07d92d-a1f44bfc-402941f4-98a9811c-5ec2fb382f8368e18bb53ae1"><ac:parameter ac:name="">van de Voort 07</ac:parameter></ac:structured-macro>
\[van de Voort 2007\] van de Voort, Marco. [Development Tutorial (a.k.a Build FAQ)|http://www.stack.nl/~marcov/buildfaq.pdf], January 29, 2007.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="68a148492fcb3360-281abd47-477e46fb-bb3d8965-628636b7e8214bcee7e6266c"><ac:parameter ac:name="">van Sprundel06</ac:parameter></ac:structured-macro>
\[van Sprundel 2006\] van Sprundel, Ilja. [Unusualbugs|http://www.ruxcon.org.au/files/2006/unusual_bugs.pdf], 2006.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="2f881927da540582-9a382327-4c074cc9-a82ea85b-5165803c5919d940699b56e6"><ac:parameter ac:name="">Viega 01</ac:parameter></ac:structured-macro>
\[Viega 2001\] Viega, John. [Protecting Sensitive Data in Memory|http://www.cgisecurity.com/lib/protecting-sensitive-data.html], February 2001.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6367f82545fbed11-a3fac736-40594192-8990b6a6-a07278c78b7c5607f91bc331"><ac:parameter ac:name="">Viega 03</ac:parameter></ac:structured-macro>
\[Viega 2003\] Viega, John, & Messier, Matt. _Secure Programming Cookbook for C and C++: Recipes for Cryptography, Authentication, Networking, Input Validation & More_. Sebastopol, CA: O'Reilly, 2003 (ISBN 0-596-00394-3).

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="926e8fb95fe47a70-918c5b83-4bdf4021-82d592e7-9f72f7ec45e15ff6bafa7251"><ac:parameter ac:name="">Viega 05</ac:parameter></ac:structured-macro>
\[Viega 2005\] Viega, John. [CLASP Reference Guide Volume 1.1.|http://www.securesoftware.com/process/] Secure Software, 2005.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="8f52d62c0c3a2e86-cb9f9433-4a6c4cee-a7d8bdd4-e003370806749392f14cac15"><ac:parameter ac:name="">VU#159523</ac:parameter></ac:structured-macro>
\[VU#159523\] Giobbi, Ryan. Vulnerability Note [VU#159523|http://www.kb.cert.org/vuls/id/159523], _Adobe Flash Player integer overflow vulnerability_, April 2008.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="1ddee34341001030-b0b9132f-4db84fb5-b016adb8-2d4af426ab00ad56f05f7e12"><ac:parameter ac:name="">VU#162289</ac:parameter></ac:structured-macro>
\[VU#162289\] Dougherty, Chad. Vulnerability Note [VU#162289|http://www.kb.cert.org/vuls/id/162289], _gcc silently discards some wraparound checks_, April 2008.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ce8b5b3e376554d3-dc6a2366-45974dda-adea8310-9fc7454eae89b7d1bdba671d"><ac:parameter ac:name="">VU196240</ac:parameter></ac:structured-macro>
\[VU#196240\] Taschner, Chris & Manion, Art. Vulnerability Note [VU#196240|http://www.kb.cert.org/vulnotes/id/196240], _Sourcefire Snort DCE/RPC preprocessor does not properly reassemble fragmented packets_, 2007.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="4a73ad962d99dbbd-befc076f-46034e26-a6fa9072-f9a5508730b67442074512f2"><ac:parameter ac:name="">VU286468</ac:parameter></ac:structured-macro>
\[VU#286468\] Burch, Hal. Vulnerability Note [VU#286468|http://www.kb.cert.org/vulnotes/id/286468], _Ettercap contains a format string error in the "curses_msg()" function_, 2007.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="237f9edf60a80718-3ad1e05e-40c34593-bf7a98ed-55c7578118bebd1c7c3be32a"><ac:parameter ac:name="">VU439395</ac:parameter></ac:structured-macro>
\[VU#439395\] Lipson, Howard. Vulnerability Note [VU#439395|http://www.kb.cert.org/vuls/id/439395], _Apache web server performs case sensitive filtering on Mac OS X HFS\+ case insensitive filesystem,_ 2001.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="784ec33273868d53-4b6c19cb-479041ab-8bf7a737-a69ac69fdcee38a63860c50d"><ac:parameter ac:name="">VU551436</ac:parameter></ac:structured-macro>
\[VU#551436\] Giobbi, Ryan. Vulnerability Note [VU#551436|http://www.kb.cert.org/vulnotes/id/551436], _Mozilla Firefox SVG viewer vulnerable to buffer overflow,_ 2007.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="33cd9ac941b65095-bf68960b-48854b4c-821e93ba-d2221814c4ce81bb77facebf"><ac:parameter ac:name="">VU568148</ac:parameter></ac:structured-macro>
\[VU#568148\] Finlay, Ian A. & Morda, Damon G. Vulnerability Note [VU#568148|http://www.kb.cert.org/vulnotes/id/568148], _Microsoft Windows RPC vulnerable to buffer overflow_, 2003.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="3f2c308a4429b51a-1ec4f742-495842af-ad81a5b0-2e4a1f40287770cac7b1fa2f"><ac:parameter ac:name="">VU623332</ac:parameter></ac:structured-macro>
\[VU#623332\] Mead, Robert. Vulnerability Note [VU#623332|http://www.kb.cert.org/vuls/id/623332], _MIT Kerberos 5 contains double free vulnerability in "krb5_recvauth()" function,_ 2005.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="1e975f6d05b723bf-59edbab2-4f4149d6-af6aa77a-c5b3edd02af98d35b5f7a695"><ac:parameter ac:name="">VU649732</ac:parameter></ac:structured-macro>
\[VU#649732\] Gennari, Jeff. Vulnerability Note [VU#649732|http://www.kb.cert.org/vulnotes/id/649732], _Samba AFS ACL Mapping VFS Plug-In Format String Vulnerability,_ 2007.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="c587340d3d025245-63eaed21-46d540b1-bda7a8a7-78ce834faaf2260169032c15"><ac:parameter ac:name="">VU654390</ac:parameter></ac:structured-macro>
\[VU#654390\] Rafail, Jason A. Vulnerability Note [VU#654390|https://www.kb.cert.org/vulnotes/id/654390], _ISC DHCP contains C Includes that define vsnprintf() to vsprintf() creating potential buffer overflow conditions_, June 2004.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="31a4eaeea6a4f7ac-807bb264-4a6f4739-a0d8979c-4150de3a8ab5720be613fc40"><ac:parameter ac:name="">VU743092</ac:parameter></ac:structured-macro>
\[VU#743092\] Rafail, Jason A. & Havrilla, Jeffrey S. Vulnerability Note [VU#743092|https://www.kb.cert.org/vulnotes/id/743092], _realpath(3) function contains off-by-one buffer overflow,_ July 2003.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="690c51f732693d10-4b5bfba6-47fc4d9d-950fbcbd-f872aedcbde2475f759abdc9"><ac:parameter ac:name="">VU834865</ac:parameter></ac:structured-macro>
\[VU#834865\] Gennari, Jeff. Vulnerability Note [VU#834865|http://www.kb.cert.org/vuls/id/834865], _Sendmail signal I/O race condition_, March 2008.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="bbe984f44d7d9f15-d6d96907-49674af4-b9cc9c75-453ebf697830e8c8bf213fff"><ac:parameter ac:name="">VU837857</ac:parameter></ac:structured-macro>
\[VU#837857\] Dougherty, Chad. Vulnerability Note [VU#837857|http://www.kb.cert.org/vuls/id/837857], _SX.Org server fails to properly test for effective user ID_, August 2006.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="9b343a1faf8ef071-12daa11c-49144e00-91bf87cb-b1bec8ccf82a1f0eb099573a"><ac:parameter ac:name="">VU881872</ac:parameter></ac:structured-macro>
\[VU#881872\] Manion, Art & Taschner, Chris. Vulnerability Note [VU#881872|http://www.kb.cert.org/vulnotes/id/881872], _Sun Solaris telnet authentication bypass vulnerability,_ 2007.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d7f86e154592dca8-b7b5b7cf-434d4b66-b3d498fe-5d3938c92885050e3e994c77"><ac:parameter ac:name="">Warren 02</ac:parameter></ac:structured-macro>
\[Warren 2002\] Warren, Henry S. [_Hacker's Delight_|http://www.hackersdelight.org/]. Boston, MA: Addison Wesley Professional, 2002 (ISBN 0201914654).

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="1ca05bd44e9cc97d-15ac923a-4ba44f16-acd6a83b-c7f7d46519eaab32f88e3fb5"><ac:parameter ac:name="">WG14/N1396</ac:parameter></ac:structured-macro>
\[WG14/N1396\] Thomas, J., Tydeman, F. "[Wide function return values|http://www.open-std.org/jtc1/sc22/wg14/www/docs/n1396.htm]", September 2009.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ec638246e55106f7-9705c16f-45a04a21-94998761-e82593d7c7d5ab70eb3195a7"><ac:parameter ac:name="">Wheeler 03</ac:parameter></ac:structured-macro>
\[Wheeler 2003\] Wheeler, David. [Secure Programming for Linux and Unix HOWTO, v3.010|http://www.dwheeler.com/secure-programs/Secure-Programs-HOWTO/], March 2003.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="345be9c1be79ab8b-89f65f70-4c11454b-bec28fd1-b9947e35ddd5730ee32fe98e"><ac:parameter ac:name="">Wheeler 04</ac:parameter></ac:structured-macro>
\[Wheeler 2004\] Wheeler, David. [_Secure programmer: Call components safely_|http://www-128.ibm.com/developerworks/linux/library/l-calls.html]. December 2004.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="7ab7c83d373467b1-e028e103-42ac419a-8fb79a80-414c7e89099890eb1bf9eb0e"><ac:parameter ac:name="">Wojtczuk 08</ac:parameter></ac:structured-macro>
\[Wojtczuk 2008\] Wojtczuk, Rafal. "[Analyzing the Linux Kernel vmsplice Exploit|http://www.avertlabs.com/research/blog/index.php/2008/02/13/analyzing-the-linux-kernel-vmsplice-exploit/]." McAfee Avert Labs Blog, February 13, 2008.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="82bba80f15d5279a-a4c5aa34-410341b5-ac1b9370-b63ff2e022394df707062330"><ac:parameter ac:name=""> xorl 2009</ac:parameter></ac:structured-macro>
\[xorl 2009\] xorl. [xorl %eax, %eax|http://xorl.wordpress.com/].

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="7d0e65168ee8a14b-5e230181-4bca4502-b6769921-e2b90eab03d6f8b3f9b03507"><ac:parameter ac:name="">Yergeau 98</ac:parameter></ac:structured-macro>
\[Yergeau 1998\] Yergeau, F. [RFC 2279 - UTF-8, a transformation format of ISO 10646|http://www.faqs.org/rfcs/rfc2279.html], January 1998.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d7a134b9a24c5624-3e416dc8-40134e4d-a58188c4-5968b5a136ff9ba27a6bdafa"><ac:parameter ac:name="">Zalewski 01</ac:parameter></ac:structured-macro>
\[Zalewski 2001\] Zalewski, Michal. [_Delivering Signals for Fun and Profit: Understanding, exploiting and preventing signal-handling related vulnerabilities_|http://lcamtuf.coredump.cx/signals.txt], May 2001.

...