| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="31cae2e266719024-623f84be-402f426f-92e0a5a0-c1056623f3d1fe67da9c4c3d"><ac:parameter ac:name="">Apple 06</ac:parameter></ac:structured-macro> \[Apple 06\] Apple, Inc. [_Secure Coding Guide_|http://developer.apple.com/documentation/Security/Conceptual/SecureCodingGuide/SecureCodingGuide.pdf], May 2006. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b2725c480593fe66-a8a96f41-40634380-ac5e8eaf-a1f89191cc782a43bc3480ef"><ac:parameter ac:name="">Austin Group 08</ac:parameter></ac:structured-macro> \[Austin Group 08\] "Draft Standard for Information Technology - Portable Operating System Interface (POSIX®) - Draft Technical Standard: Base Specifications, Issue 7," IEEE Unapproved Draft Std P1003.1 D5.1. Prepared by the [Austin Group|http://www.opengroup.org/austin/]. New York: Institute of Electrical & Electronics Engineers, Inc., May 2008. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="52de08c771093a39-3e13aeaf-47134e1d-a0899fee-bfabe121499888fc7891afc7"><ac:parameter ac:name="">Banahan 03</ac:parameter></ac:structured-macro> \[Banahan 03\] Banahan, Mike. [_The C Book_|http://www.phy.duke.edu/~rgb/General/c_book/c_book/index.html], 2003. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="325038c06da3a249-7e9eaf17-4d3c453b-9816b5c4-ae5a5117b5a223fec10e3261"><ac:parameter ac:name="">Beebe 05</ac:parameter></ac:structured-macro> \[Beebe 05\] Beebe, Nelson H. F. [Re: Remainder (%) operator and GCC|http://gcc.gnu.org/ml/gcc-help/2005-11/msg00141.html], 2005. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="156ccf384480e61d-104216ad-4dcb481e-b11ba6d2-b81e932b1bd1dc5a155ba99f"><ac:parameter ac:name="">Becker 08</ac:parameter></ac:structured-macro> \[Becker 08\] Becker, Pete. [Working Draft, Standard for Programming Language C+\+|http://www.open-std.org/jtc1/sc22/wg21/docs/papers/2008/n2521.pdf], April 2008. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="9bc6dad7bf0f2903-2b766d8e-4993472c-ba3998d9-98dfeda3a5962a00676cf92a"><ac:parameter ac:name="">Black 07</ac:parameter></ac:structured-macro> \[Black 07\] Paul E. Black, Michael Kass, Michael Koo. Source Code Security Analysis Tool Functional Specification Version 1.0. Special Publication 500-268. Information Technology Laboratory (ITL), Software Diagnostics and Conformance Testing Division, May 2007. [http://samate.nist.gov/docs/source_code_security_analysis_spec_SP500-268.pdf] |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e820cb8d8571c639-e34df8e0-425c4ad3-98528d6d-c5cc73f480848b23984e840a"><ac:parameter ac:name="">Brainbell.com</ac:parameter></ac:structured-macro> \[Brainbell.com\] Brainbell.com. [_Advice and Warnings for C Tutorials_|http://www.brainbell.com/tutors/c/Advice_and_Warnings_for_C/]. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="7b59f90855371511-5c4a062a-428c4ab3-9659b3be-4665022eb6442694ca2c80c1"><ac:parameter ac:name="">Bryant 03</ac:parameter></ac:structured-macro> \[Bryant 03\] Bryant, Randal E., & O'Halloran, David. _Computer Systems: A Programmer's Perspective_. Prentice Hall, 2003 (ISBN 0-13-034074-X). |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f468767bd4dd06f9-6485d3dc-41474944-bc81afe9-12262c9657e8e567b0df15c7"><ac:parameter ac:name="">Burch 06</ac:parameter></ac:structured-macro> \[Burch 06\] Burch, Hal, Long, Fred, & Seacord, Robert C. [_Specifications for Managed Strings_|http://www.sei.cmu.edu/publications/documents/06.reports/06tr006.html] (CMU/SEI-2006-TR-006). Pittsburgh, PA: Software Engineering Institute, Carnegie Mellon University, 2006. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="7bcf3b48ec0c24cf-2a50a939-4c0746df-bb349523-b086a379a299bc2b15e92b7a"><ac:parameter ac:name="">Callaghan 95</ac:parameter></ac:structured-macro> \[Callaghan 95\] Callaghan, B., Pawlowski, B., & Staubach, P. [IETF RFC 1813 NFS Version 3 Protocol Specification|http://www.ietf.org/rfc/rfc1813.txt], June 1995. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="1ad82ab36c062a7c-44a729fe-4b52423a-80ae852e-617bc57b3772646e609116f3"><ac:parameter ac:name="">CERT 06a</ac:parameter></ac:structured-macro> \[CERT 06a\] CERT/CC. [CERT/CC Statistics 1988---2006|http://www.cert.org/stats/cert_stats.html]. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f1157904ed47da15-241e1e27-4ca94546-b0a5a5d7-e493fa3256d1f9fb8dd94c84"><ac:parameter ac:name="">CERT 06b</ac:parameter></ac:structured-macro> \[CERT 06b\] CERT/CC. US-CERT's [Technical Cyber Security Alerts|http://www.us-cert.gov/cas/techalerts/index.html]. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="a56b41baaf5f8f57-53ee9cd9-44cc4924-8239bed8-0b65069b8b9104762a1aa371"><ac:parameter ac:name="">CERT 06c</ac:parameter></ac:structured-macro> \[CERT 06c\] CERT/CC. [Secure Coding|http://www.cert.org/secure-coding/] web site. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="048f370befa0600c-43704bab-469c4679-9c209af1-a96de34d7b203d9da23f3253"><ac:parameter ac:name="">Chen 02</ac:parameter></ac:structured-macro> \[Chen 02\] Chen, H., Wagner, D., & Dean, D. [Setuid Demystified|http://www.cs.berkeley.edu/~daw/papers/setuid-usenix02.pdf] USENIX Security Symposium, 2002. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="34a04982a1e7840c-e61a09b8-4c0a4a36-8c2fbb91-f67c7921d4de42b04d51a260"><ac:parameter ac:name="">Corfield 93</ac:parameter></ac:structured-macro> \[Corfield 93\] Corfield, Sean A. "[Making String Literals 'const'|http://www.open-std.org/jtc1/sc22/wg21/docs/papers/1993/N0389.asc]," November 1993. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="7fb5532471f95800-03e02828-4c974aca-84bd93eb-d4dac850da02b4c03ad46d59"><ac:parameter ac:name="">Coverity 07</ac:parameter></ac:structured-macro> \[Coverity 07\] Coverity Prevent User's Manual (3.3.0), 2007. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="a34dbec4fa2e3a9b-5c99defd-497f4119-a685a9a6-a76c1df7a179b75c442987ea"><ac:parameter ac:name="">CVE</ac:parameter></ac:structured-macro> \[CVE\] [Common Vulnerabilities and Exposures|http://cve.mitre.org/]. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="26195691ebeb0af2-a25b0ddd-4dfe4414-9748a365-a016f05152f1a606cf6ed4e8"><ac:parameter ac:name="">CPPReference</ac:parameter></ac:structured-macro> \[C+\+ Reference\] [Standard C Library, General C\++, C++ Standard Template Library|http://www.cppreference.com/] |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="0ee7563932e68cc7-03ec5770-4e554931-8076bf0c-0a8971c366f0fee16fb4bf95"><ac:parameter ac:name="">Dewhurst 02</ac:parameter></ac:structured-macro> \[Dewhurst 02\] Dewhurst, Stephen C. _C+\+ Gotchas: Avoiding Common Problems in Coding and Design_. Boston: Addison-Wesley Professional, 2002. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="a58a06a3f0284714-b82e126b-48bd4b71-b58dbb41-ceb4606ec0303d580d59febe"><ac:parameter ac:name="">Dewhurst 05</ac:parameter></ac:structured-macro> \[Dewhurst 05\] Dewhurst, Stephen C. _C+\+ Common Knowledge: Essential Intermediate Programming_. Boston, MA: Addison-Wesley Professional, 2005. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="da49511a42f7aada-c4d2c211-462a45d7-be5db8f6-f43e4bbc1d5b4d07033ab001"><ac:parameter ac:name="">DHS 06</ac:parameter></ac:structured-macro> \[DHS 06\] U.S. Department of Homeland Security. [Build Security In|https://buildsecurityin.us-cert.gov/]. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="13383d564429b170-cfcc70a8-44ab4efa-bb74bbbf-a3ddc88a2812bf27fa4cb846"><ac:parameter ac:name=""> DOD 5220</ac:parameter></ac:structured-macro> \[DOD 5220\] U.S. Department of Defense. [DoD Standard 5220.22-M|http://security.ouhsc.edu/docs/policies/approved/DoD_5220.doc] (Word document). |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="27a9a50789a14743-51e9b529-478348ab-98c5a13c-008808273de5c11fc7bfbef3"><ac:parameter ac:name="">Dowd 06</ac:parameter></ac:structured-macro> \[Dowd 06\] Dowd, M., McDonald, J., & Schuh, J. _The Art of Software Security Assessment: Identifying and Preventing Software Vulnerabilities_. Boston: Addison-Wesley, 2006. See [http://taossa.com] for updates and errata. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="db179f15daccaea9-ff7b4532-4b56485a-b073b3a9-89fce8d29a4c7f1ef4134786"><ac:parameter ac:name="">Drepper 06</ac:parameter></ac:structured-macro> \[Drepper 06\] Drepper, Ulrich. [Defensive Programming for Red Hat Enterprise Linux (and What To Do If Something Goes Wrong)|http://people.redhat.com/drepper/defprogramming.pdf], May 3, 2006. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="0a3d1fc52b679866-4bbfdeb5-4ca3436d-91cf8d6b-40151948252c7b107755bf2d"><ac:parameter ac:name="">Eckel 07</ac:parameter></ac:structured-macro> \[Eckel 07\] Eckel, Bruce. [_Thinking in C+\+ Volume 2_|http://bruce-eckel.developpez.com/livres/cpp/ticpp/v2/], January 25, 2007. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="07de01239dc1d3c8-2cc8cb1f-454d4667-8f0b9a35-0b6f61b64f91d0f428756161"><ac:parameter ac:name="">ECTC 98</ac:parameter></ac:structured-macro> \[ECTC 98\] Embedded C+\+ Technical Committee. [_The Embedded C+\+ Programming Guide Lines_|http://www.caravan.net/ec2plus/guide.html], Version WP-GU-003. January 6, 1998. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ccd2b906aca54b01-47ed128f-427b4d0b-91919708-fc9d5a24c1a85185395db93c"><ac:parameter ac:name="">Eide and Regehr</ac:parameter></ac:structured-macro> \[Eide and Regehr\] "[Volatiles are miscompiled, and what to do about it|http://portal.acm.org/citation.cfm?id=1450058.1450093]" Eide E., Regehr J. 2008. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="eccbebfcfe950e95-f90f3f90-4d614e93-9fffbe60-351a4e5053a08e5b2337e01e"><ac:parameter ac:name="">Finlay 03</ac:parameter></ac:structured-macro> \[Finlay 03\] Finlay, Ian A. CERT Advisory CA-2003-16, [Buffer Overflow in Microsoft RPC|http://www.cert.org/advisories/CA-2003-16.html]. CERT/CC, July 2003. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="9451ee0dda600f2e-5baf5a20-418642d9-bce9aae1-6bffd88a0a1a2f876a94d25b"><ac:parameter ac:name="">Fisher 99</ac:parameter></ac:structured-macro> \[Fisher 99\] Fisher, David & Lipson, Howard. "Emergent Algorithms - A New Method for Enhancing Survivability in Unbounded Systems." _Proceedings of the 32nd Annual Hawaii International Conference on System Sciences (HICSS-32)_. Maui, HI, January 5-8, 1999. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e525caf3d67f85c6-4fb2cd0b-40044484-8616a88e-11bb85218dd7d9d4bafe2770"><ac:parameter ac:name="">Flake 06</ac:parameter></ac:structured-macro> \[Flake 06\] Flake, Halvar. "[Attacks on uninitialized local variables|http://www.blackhat.com/presentations/bh-europe-06/bh-eu-06-Flake.pdf]." Black Hat Federal 2006. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="9af3bacb72f6156a-05abb7f4-4fd44590-89bf90a7-97511204242cd06fc26bbfb3"><ac:parameter ac:name="">Fortify 06</ac:parameter></ac:structured-macro> \[Fortify 06\] Fortify Software Inc. [Fortify Taxonomy: Software Security Errors|http://www.fortifysoftware.com/vulncat/], 2006. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="5f5b876b6419e9b8-8a371e32-48cd4a71-9f0fb1ad-997cccae63432f8d06d76f6e"><ac:parameter ac:name="">FSF 05</ac:parameter></ac:structured-macro> \[FSF 05\] Free Software Foundation. [GCC online documentation|http://gcc.gnu.org/onlinedocs], 2005. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="151bf02d175a0398-99356391-42214589-a8b59f96-8484bd5b234aef0dc4848ec6"><ac:parameter ac:name="">Garfinkel 96</ac:parameter></ac:structured-macro> \[Garfinkel 96\] Garfinkel, Simson & Spafford, Gene. _Practical UNIX & Internet Security_, 2nd Edition. Sebastopol, CA: O'Reilly Media, April 1996 (ISBN 1-56592-148-8). |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6c406e2e08a70686-b110c73e-492d4561-b10d8b4d-75e57c0de0e707510dbf6c62"><ac:parameter ac:name="">GNU Pth</ac:parameter></ac:structured-macro> \[GNU Pth\] Engelschall, Ralf S. [GNU Portable Threads|http://www.gnu.org/software/pth/], 2006. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="a9558941099fa389-734ac9e4-41da42a6-900d93b5-4cc238bc1f1a50c73b7351eb"><ac:parameter ac:name="">Goldberg 91</ac:parameter></ac:structured-macro> \[Goldberg 91\] Goldberg, David. [What Every Computer Scientist Should Know About Floating-Point Arithmetic|http://docs.sun.com/source/806-3568/ncg_goldberg.html]. Sun Microsystems, March 1991. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="556b4e881350a764-2ef5c19f-40004ceb-94ecaac7-6f056be52c508c1a3cdab303"><ac:parameter ac:name="">Goodin 2009</ac:parameter></ac:structured-macro> \[Goodin 2009\] Dan Goodin. [Clever attack exploits fully-patched Linux kernel|http://www.theregister.co.uk/2009/07/17/linux_kernel_exploit/] The Register. July 2009. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f3eff6201e86efdf-941fe7c1-415b4377-81a4a8d1-90c0bfa85f417a63d27dfc7a"><ac:parameter ac:name="">Gough 2005</ac:parameter></ac:structured-macro> \[Gough 2005\] Gough, Brian J. [An Introduction to GCC|http://www.network-theory.co.uk/docs/gccintro/index.html]. Network Theory Ltd, Revised August 2005 (ISBN 0-9541617-9-3). |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="66727ee7896cbad4-41813d1f-46604d7c-975c8804-497f75cc412f4821daa7ee1d"><ac:parameter ac:name="">Graf 03</ac:parameter></ac:structured-macro> \[Graff 03\] Graff, Mark G. & Van Wyk, Kenneth R. _Secure Coding: Principles and Practices_. Cambridge, MA: O'Reilly, 2003 (ISBN 0596002424). |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e28f791d0d5e292b-0f18fb64-4cf84623-8bb38cd1-db4051c72989ac96091e622e"><ac:parameter ac:name="">Greenman 97</ac:parameter></ac:structured-macro> \[Greenman 97\] Greenman, David. [_serious security bug in wu-ftpd v2.4_|http://seclists.org/bugtraq/1997/Jan/0011.html]. BUGTRAQ Mailing List (bugtraq@securityfocus.com), January 2, 1997. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d1c042437516fdf3-08beabf9-41f14c0b-9404a844-68c624473ac9d8157c7409a2"><ac:parameter ac:name="">Griffiths 06</ac:parameter></ac:structured-macro> \[Griffiths 06\] Griffiths, Andrew. "[Clutching at straws: When you can shift the stack pointer|http://felinemenace.org/papers/p63-0x0e_Shifting_the_Stack_Pointer.txt]." |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6094ac7b047f870c-9404f4fd-46a8429e-8c3e9436-e6f65f5832e056408f19d1d3"><ac:parameter ac:name="">Gutmann 96</ac:parameter></ac:structured-macro> \[Gutmann 96\] Gutmann, Peter. [Secure Deletion of Data from Magnetic and Solid-State Memory|http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html], July 1996. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="33ba06fe2fc6ca78-f79a0015-45274514-8ebb89cf-699ef50848f5e168f0632145"><ac:parameter ac:name="">Haddad 05</ac:parameter></ac:structured-macro> \[Haddad 05\] Haddad, Ibrahim. "Secure Coding in C and C++: An interview with Robert Seacord, senior vulnerability analyst at CERT." _Linux World Magazine_, November 2005. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="3467ef69bd5b1b7f-eeb7273b-485f4ca8-bd5d83a6-14e70d8c6655d164aef12756"><ac:parameter ac:name="">Hatton 95</ac:parameter></ac:structured-macro> \[Hatton 95\] Hatton, Les. _Safer C: Developing Software for High-Integrity and Safety-Critical Systems_. New York: McGraw-Hill Book Company, 1995 (ISBN 0-07-707640-0). |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="1dfeecce5a03cb50-358e6c06-48754de6-8d6e8abb-211e3e66565d5487b8b6e710"><ac:parameter ac:name="">Henricson 92</ac:parameter></ac:structured-macro> \[Henricson 92\] Henricson, Mats, & Nyquist, Erik. [Programming in C++, Rules and Recommendations|http://www.doc.ic.ac.uk/lab/cplus/c++.rules/]. Ellemtel Telecommunication Systems Laboratories, 1992. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f9966e66ab3ca0e4-82c7107a-40e74afe-bfc9b452-35059774f947536e27ccdb07"><ac:parameter ac:name="">Horton 90</ac:parameter></ac:structured-macro> \[Horton 90\] Horton, Mark R. _Portable C Software_. Upper Saddle River, NJ: Prentice-Hall, Inc., 1990 (ISBN:0-13-868050-7). |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="1a3c660cfb2c34e8-9b6d80d6-4a9a479e-b7ca8585-5099981538dd324b14338183"><ac:parameter ac:name="">Howard 02</ac:parameter></ac:structured-macro> \[Howard 02\] Howard, Michael, & LeBlanc, David C. _[_Writing Secure Code, 2nd ed. Redmond, WA:_|http://www.microsoft.com/mspress/books/5957.aspx]_. Microsoft Press, December 2002. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="285f24ade8cc578f-3066ec76-462c4d2a-a70587c8-dfa342b9d8a380eb0db30a90"><ac:parameter ac:name="">HP 03</ac:parameter></ac:structured-macro> \[HP 03\] [Tru64 UNIX: Protecting Your System Against File Name Spoofing Attacks|http://h30097.www3.hp.com/docs/wpapers/spoof_wp/symlink_external.pdf]. Houston, TX: Hewlett-Packard Company, January 2003. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b970446fd9677a17-53626ebf-410c4a35-921abc74-485dd0b4b4af1e0b35cd1c0e"><ac:parameter ac:name="">IEC 60812 2006</ac:parameter></ac:structured-macro> \[IEC 60812 2006\] _Analysis techniques for system reliability - Procedure for failure mode and effects analysis (FMEA)_, 2nd ed. (IEC 60812). IEC, January 2006. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="309aa3ae988769f4-b33d8756-499c427e-b9a39d4c-3450af1580d7051196024c85"><ac:parameter ac:name="">IEC 61508 4</ac:parameter></ac:structured-macro> \[IEC 61508-4\] _Functional safety of electrical/electronic/programmable electronic safety-related systems - Part 4: Definitions and abbreviations_, 1998. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f17d9a8caa4219b7-b1106f8c-44504b10-af50a93a-70f9e0dd229a80bfd8a5bff7"><ac:parameter ac:name="">IEEE Std 610.12 1990</ac:parameter></ac:structured-macro> \[IEEE Std 610.12 1990\] _IEEE Standard Glossary of Software Engineering Terminology_, September 1990. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="48e94537a54f2ff6-659a12ce-477a4acd-900faa6f-20df78b01ea5cde797f53166"><ac:parameter ac:name="">IEEE 754 2006</ac:parameter></ac:structured-macro> \[IEEE 754 2006\] IEEE. [_Standard for Binary Floating-Point Arithmetic_|http://grouper.ieee.org/groups/754/] (IEEE 754-1985), 2006. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e0a290c86c4f6f9d-f6aec9b7-4aea4f20-b97d9c4e-7d9a148f1618270d689a1860"><ac:parameter ac:name="">ilja 06</ac:parameter></ac:structured-macro> \[IEEE 1003.1, 2004\] IEEE. [The Open Group Base Specifications Issue 6|http://www.opengroup.org/onlinepubs/009695399/] IEEE Std 1003.1, 2004 Edition |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="057624ca88d16d56-34a421dc-421a4215-a113a621-17080c6a423ce629f57aa2bd"><ac:parameter ac:name="">IEEE 1003</ac:parameter></ac:structured-macro> \[ilja 06\] ilja. "[readlink abuse|http://blogs.23.nu/ilja/stories/12551/]." _ilja's blog_, August 13, 2006. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="996495d8683ce0ed-1431340a-44c84c8a-acab8f3b-8e9889c7cb07bad482fd4c49"><ac:parameter ac:name="">Intel 01</ac:parameter></ac:structured-macro> \[Intel 01\] Intel Corp. [_Floating-Point IEEE Filter for Microsoft\* Windows\* 2000 on the Intel® Itanium⢠Architecture_|ftp://download.intel.com/software/opensource/libraries/ieee/ieee_filter_windows2000.pdf], March 2001. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="51804a2baf2154ed-baa6914f-48b948fc-932298e7-a4ead9fe4d2823bb17fd32d5"><ac:parameter ac:name="">Internet Society 00</ac:parameter></ac:structured-macro> \[Internet Society 00\] The Internet Society. [Internet Security Glossary (RFC 2828)|ftp://ftp.rfc-editor.org/in-notes/rfc2828.txt], 2000. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="08130734693b3cff-0aecfb66-43994f62-8cbab84c-2bd7057929fb58a964eb4c47"><ac:parameter ac:name="">ISO/IEC 646-1991</ac:parameter></ac:structured-macro> \[ISO/IEC 646:1991\] ISO/IEC. _Information technology: ISO 7-bit coded character set for information interchange_ (ISO/IEC 646-1991). Geneva, Switzerland: International Organization for Standardization, 1991. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d40701734da31fdd-bfd80b7e-4aa141f9-82179dd9-b54e540946927ca9668e55b6"><ac:parameter ac:name="">ISO/IEC 9945-2003</ac:parameter></ac:structured-macro> \[ISO/IEC 9945:2003\] _ISO/IEC 9945:2003 (including Technical Corrigendum 1), Information technology --- Programming languages, their environments and system software interfaces --- Portable Operating System Interface (POSIX®)_. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6f09b42372e8c1c9-432588ef-471149f8-9d098ad8-375aa70bfac0b8722808ed4c"><ac:parameter ac:name="">ISO/IEC 9899-1999</ac:parameter></ac:structured-macro> \[ISO/IEC 9899:1999\] ISO/IEC. _Programming Languages---C, 2nd ed_ (ISO/IEC 9899:1999). Geneva, Switzerland: International Organization for Standardization, 1999. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="da451be4ba45ec90-975d4d51-47534307-af5fa4fd-856e19e55ce574861f138d7a"><ac:parameter ac:name="">ISO/IEC 10646-2003</ac:parameter></ac:structured-macro> \[ISO/IEC 10646:2003\] _Information technology - Universal Multiple-Octet Coded Character Set (UCS)_ (ISO/IEC 10646:2003). Geneva, Switzerland: International Organization for Standardization, 2003. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f69b02464816a554-a65461a3-4de94e42-bfb7b2c9-14005027044179352a6b42bf"><ac:parameter ac:name="">ISO/IEC 14882-2003</ac:parameter></ac:structured-macro> \[ISO/IEC 14882:2003\] ISO/IEC. _Programming Languages --- C++, Second Edition_ (ISO/IEC 14882-2003). Geneva, Switzerland: International Organization for Standardization, 2003. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="2267d3933b688326-5e95127b-430a4e57-98038207-e0c2462100660386a6b1b63d"><ac:parameter ac:name="">ISO/IEC 23360-1-2006</ac:parameter></ac:structured-macro> \[ISO/IEC 23360-1:2006\] [_Linux Standard Base (LSB) core specification 3.1 - Part 1: Generic specification_|http://refspecs.freestandards.org/LSB_3.1.0/LSB-Core-generic/LSB-Core-generic.pdf] |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="578f67819cfb614c-964c3727-41224aa0-8ce6afa2-f2b1f0df5ee0ab1d8e04961f"><ac:parameter ac:name="">ISO/IEC 03</ac:parameter></ac:structured-macro> \[ISO/IEC 03\] ISO/IEC. [_Rationale for International Standard --- Programming Languages --- C, Revision 5.10_|http://www.open-std.org/jtc1/sc22/wg14/www/C99RationaleV5.10.pdf]. Geneva, Switzerland: International Organization for Standardization, April 2003. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ddfcefafd4e6dcb2-842abb14-4a41448a-8deb8ce6-6755ef19a57ffbca0882fb01"><ac:parameter ac:name="">ISO/IEC JTC1/SC22/WG11</ac:parameter></ac:structured-macro> \[ISO/IEC JTC1/SC22/WG11\] ISO/IEC. [_Binding Techniques_|http://www.open-std.org/JTC1/SC22/WG11/] (ISO/IEC JTC1/SC22/WG11), 2007. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="687b0738d2cac563-7cec384e-4c6b4461-8a3ba729-2a38287291a08a6065bf81aa"><ac:parameter ac:name="">ISO/IEC DTR 24732</ac:parameter></ac:structured-macro> \[ISO/IEC DTR 24732\] ISO/IEC JTC1 SC22 WG14 N1290. [Extension for the programming language C to support decimal floating-point arithmetic|http://www.open-std.org/jtc1/sc22/wg14/www/docs/n1290.pdf], March 2008. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f2e17de35ebeced6-37fcff03-4292494f-8941913e-eddb3373e79b00a4959dc3ab"><ac:parameter ac:name="">ISO/IEC PDTR 24731-2-2007</ac:parameter></ac:structured-macro> \[ISO/IEC PDTR 24731-2\] [Extensions to the C Library, --- Part II: Dynamic Allocation Functions|http://www.open-std.org/jtc1/sc22/wg14/www/docs/n1248.pdf], August 2007. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="70aadda41af98259-4a218cfe-4908490f-80029916-0f4a639cc574168aa2250266"><ac:parameter ac:name="">ISO/IEC PDTR 24772</ac:parameter></ac:structured-macro> \[ISO/IEC PDTR 24772\] ISO/IEC PDTR 24772. _Information Technology_ --- _Programming Languages_ --- [_Guidance to Avoiding Vulnerabilities in Programming Languages through Language Selection and Use_|http://www.aitcnet.org/isai/_NextMeeting/22-OWGV-N-0134/n0134.pdf], March 2008. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="7f29cba0b6f61eea-c94189eb-47af4ba3-a2c5983e-7b30d1dbbf2e4741213a9423"><ac:parameter ac:name="">ISO/IEC TR 24731-1-2007</ac:parameter></ac:structured-macro> \[ISO/IEC TR 24731-1:2007\] ISO/IEC TR 24731. _Extensions to the C Library, --- Part I: Bounds-checking interfaces_. Geneva, Switzerland: International Organization for Standardization, April 2006. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="9d0624a3f2035875-422cf7dd-4d024a2c-a96886e8-e5812eef670627fc38429483"><ac:parameter ac:name="">Jack 07</ac:parameter></ac:structured-macro> \[Jack 07\] Jack, Barnaby. [_Vector Rewrite Attack_|http://www.juniper.net/solutions/literature/white_papers/Vector-Rewrite-Attack.pdf], May 2007. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="01d4f7740620ab87-33b9b659-467643bd-bed18a31-9f664b41d74edca01e08e92c"><ac:parameter ac:name="">Jones 04</ac:parameter></ac:structured-macro> \[Jones 04\] Jones, Nigel. ["Learn a new trick with the offsetof() macro."|http://www.netrino.com/Articles/OffsetOf/index.php] _Embedded Systems Programming_, March 2004. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="27fcdad5b085c329-f622a653-409743d6-9fbdb2a3-8f501dbf88fdf17090164793"><ac:parameter ac:name="">Jones 08</ac:parameter></ac:structured-macro> \[Jones 08\] Jones, Derek M. [The New C Standard: An economic and cultural commentary|http://www.knosof.co.uk/cbook/]. Knowledge Software Ltd., 2008. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="42f300508aebece7-8f687786-4e984051-a0a8bb90-021d55b67c6ad6c96ee2da2b"><ac:parameter ac:name="">Keil 08</ac:parameter></ac:structured-macro> \[Keil 08\] Keil, an ARM Company. "[Floating Point Support|http://www.keil.com/support/man/docs/armlib/armlib_bihbjiea.htm]." _RealView Libraries and Floating Point Support Guide_, 2008. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="955ad0d124bec22f-5851c51c-46e34ae3-9abd9baa-c4ccc350ecbca37b7aef49ef"><ac:parameter ac:name="">Kennaway 00</ac:parameter></ac:structured-macro> \[Kennaway 00\] Kennaway, Kris. [Re: /tmp topic|http://lwn.net/2000/1221/a/sec-tmp.php3], December 2000. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="339f3634518adc50-51f36be5-4ecf4d44-b9d6aca7-44a16e300a0c8bbcbd41da96"><ac:parameter ac:name="">Kernighan 88</ac:parameter></ac:structured-macro> \[Kernighan 88\] Kernighan , Brian W., & Ritchie, Dennis M. _The C Programming Language, 2nd ed._ Englewood Cliffs, NJ: Prentice-Hall, 1988. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="98f1569f89cdcaa5-6f16643c-45bc4438-9da89c5d-ed311b5ee6e60f176681e9dc"><ac:parameter ac:name="">Kettle 02</ac:parameter></ac:structured-macro> \[Kettlewell 02\] Kettlewell, Richard. [_C Language Gotchas_|http://www.greenend.org.uk/rjk/2001/02/cfu.html], February 2002. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d3502978027182ac-9354d96d-402c4f08-abca9cd3-9497ed04ab25d52553fc36c9"><ac:parameter ac:name="">Kettle 03</ac:parameter></ac:structured-macro> \[Kettlewell 03\] Kettlewell, Richard. [_Inline Functions In C_|http://www.greenend.org.uk/rjk/2003/03/inline.html], March 2003. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="4a4838fe25d47228-537e4be2-43a24cb4-95718e9e-be382fa49d903d3328f48501"><ac:parameter ac:name="">Kirch-Prinz 02</ac:parameter></ac:structured-macro> \[Kirch-Prinz 02\] Kirch-Prinz, Ulla & Prinz, Peter. _C Pocket Reference_. Sebastopol, CA: O'Reilly, November 2002 (ISBN: 0-596-00436-2). |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="834b9f32f28bf6c6-ac1e44ea-46ad4bdc-97bc9e2a-61f6e6112533ac3fa27332cd"><ac:parameter ac:name="">Klarer 04</ac:parameter></ac:structured-macro> \[Klarer 04\] Klarer, R., Maddock, J., Dawes, B. & Hinnant, H. "Proposal to Add Static Assertions to the Core Language (Revision 3)." ISO C+\+ committee paper ISO/IEC JTC1/SC22/WG21/N1720, October 2004. Available at [http://www.open-std.org/jtc1/sc22/wg21/docs/papers/2004/n1720.html]. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="308c20c528c623d5-2b37696d-4dd84bd5-b1929e48-41a2c6af48cfdf758a25c3ef"><ac:parameter ac:name="">Klein 02</ac:parameter></ac:structured-macro> \[Klein 02\] Klein, Jack. [_Bullet Proof Integer Input Using strtol()_|http://home.att.net/~jackklein/c/code/strtol.html], 2002. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="8bd443e2ec79fee0-ee0604dd-4eb04466-90469103-c6039f94b701a1bba451946d"><ac:parameter ac:name="">Koenig 89</ac:parameter></ac:structured-macro> \[Koenig 89\] Koenig, Andrew. _C Traps and Pitfalls_. Addison-Wesley Professional, January 1, 1989. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b8228a91440f8326-b03297aa-4a0e492a-a4d39519-b9fcea0087d87378264e3d88"><ac:parameter ac:name="">Kuhn 06</ac:parameter></ac:structured-macro> \[Kuhn 06\] Kuhn, Markus. [_UTF-8 and Unicode FAQ for Unix/Linux_|http://www.cl.cam.ac.uk/~mgk25/unicode.html], 2006. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="942312045c16091f-270990ac-47ac49b9-a8c2b4bf-0e7d11d48592faa4c9a36ca6"><ac:parameter ac:name="">Lai 06</ac:parameter></ac:structured-macro> \[Lai 06\] Lai, Ray. "[Reading Between the Lines|http://undeadly.org/cgi?action=article&sid=20061027031811]." _OpenBSD Journal_, October 2006. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="edfb24a55c3f17f9-88e37fb3-47064236-94d9941f-38604f687460676a29931ee6"><ac:parameter ac:name="">Lewis 06</ac:parameter></ac:structured-macro> \[Lewis 06\] Lewis, Richard. "[Security Considerations When Handling Sensitive Data|http://secureapps.blogspot.com/2006/10/security-considerations-when-handling.html]." Posted on the Application Security by Richard Lewis blog October 2006. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="7b81bca7425462e7-8001eabe-4ccf49c6-9532a2dd-208ba2f95dffd45738925e3b"><ac:parameter ac:name="">Linux 08</ac:parameter></ac:structured-macro> \[Linux 08\] [Linux Programmer's Manual|http://www.kernel.org/doc/man-pages/online_pages.html], October 2008. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="119e2da2c5edce27-db3c26af-45034a7b-b94488c7-b8489e4d02b7fcef83df1502"><ac:parameter ac:name="">Lions 96</ac:parameter></ac:structured-macro> \[Lions 96\] Lions, J. L. [ARIANE 5 Flight 501 Failure Report|http://en.wikisource.org/wiki/Ariane_501_Inquiry_Board_report]. Paris, France: European Space Agency (ESA) & National Center for Space Study (CNES) Inquiry Board, July 1996. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="5da4994f676c4ea5-a2dddd0f-41f24036-a3689151-8123741909065a21058c00d5"><ac:parameter ac:name="">Lipson 00</ac:parameter></ac:structured-macro> \[Lipson 00\] Lipson, Howard & Fisher, David. "Survivability: A New Technical and Business Perspective on Security," 33-39. _Proceedings of the 1999 New Security Paradigms Workshop_. Caledon Hills, Ontario, Canada, Sept. 22-24, 1999. New York: Association for Computing Machinery, 2000. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e6ba32ea70234b66-d1369226-453e432b-807c8c49-fc026ae233868203c4be8877"><ac:parameter ac:name="">Lipson 06</ac:parameter></ac:structured-macro> \[Lipson 06\] Lipson, Howard. _Evolutionary Systems Design: Recognizing Changes in Security and Survivability Risks_ (CMU/SEI-2006-TN-027). Pittsburgh, PA: Software Engineering Institute, Carnegie Mellon University, 2006. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="9abb1c2f64c6334d-8cc268d0-4dac42a2-b51a8e56-cc80105b1d83effe90fb98d8"><ac:parameter ac:name="">Lipson 2009</ac:parameter></ac:structured-macro> \[Liu 2009\] Likai Liu. [Making NULL-pointer reference legal|http://lifecs.likai.org/2009/01/making-null-pointer-reference-legal.html], Life of a Computer Science Student, January, 2009. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="9d82ae8b143dafed-bc61cbaa-4e9141be-9de587f8-317fb6ea86390224e7c03ce3"><ac:parameter ac:name="">Lockheed Martin 05</ac:parameter></ac:structured-macro> \[Lockheed Martin 05\] Lockheed Martin. "[Joint Strike Fighter Air Vehicle C+\+ Coding Standards for the System Development and Demonstration Program.|http://www.research.att.com/~bs/JSF-AV-rules.pdf]" Document Number 2RDU00001 Rev C., December 2005. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="94286e53c72eb5c6-43eec11a-455640a3-b5ea88fa-8facbd9b79fdceb1b6a0d3a7"><ac:parameter ac:name="">Loosemore 07</ac:parameter></ac:structured-macro> \[Loosemore 07\] Loosemore, Sandra, Stallman, Richard M., McGrath, Roland, Oram, Andrew, & Drepper, Ulrich. [The GNU C Library Reference Manual|http://www.gnu.org/software/libc/manual/], Edition 0.11, September 2007. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ade72d9c9715c4eb-ec791836-4e764cd8-b9ab8d37-dad0f94aa1eb46a751010e93"><ac:parameter ac:name="">McCluskey 01</ac:parameter></ac:structured-macro> \[McCluskey 01\] [_flexible array members and designators in C9X_|http://www.usenix.org/publications/login/2001-07/pdfs/mccluskey.pdf] ;login:, July 2001, Volume 26, Number 4, p. 29---32. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="93b2571e3a91343b-ab708fb3-4d5f4699-82d4808a-dc9e87ef1034bef0ce000cfd"><ac:parameter ac:name="">Mell 07</ac:parameter></ac:structured-macro> \[Mell 07\] P. Mell, K. Scarfone, and S. Romanosky, "A Complete Guide to the Common Vulnerability Scoring System Version 2.0", FIRST, June 2007. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="dd8c727de49c76ec-8edb6c16-417c4fce-945ea26d-4d4c3bb33e7f928bfb0d9595"><ac:parameter ac:name="">mercy 06</ac:parameter></ac:structured-macro> \[mercy\] mercy. [_Exploiting Uninitialized Data_|http://www.felinemenace.org/papers/UBehavior.zip], January 2006. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="df992bdf9db05d9b-fdc3c20e-43784f48-b18c81cc-d14f91682dd6ee8e4dc24a22"><ac:parameter ac:name="">Microsoft>Meyers 03<2004</ac:parameter></ac:structured-macro> \[Meyers 2004\] Randy Meyers. [Limited size_t|http://www.open-std.org/jtc1/sc22/wg14/www/docs/n1080.pdf] WG14 N1080. September, 2004. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="2c5ff914-e4b9-47a4-bda2-435dab80ed58"><ac:parameter ac:name="">Microsoft 03</ac:parameter></ac:structured-macro> \[Microsoft Microsoft 03\] Microsoft Security Bulletin MS03-026, "[Buffer Overrun In RPC Interface Could Allow Code Execution (823980)|http://www.microsoft.com/technet/security/bulletin/MS03-026.mspx]," September 2003. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ccfb7939abb8ae0e-e54f2032-4126482c-971ea77b-4ac2f76268653401a077263c"><ac:parameter ac:name="">Microsoft 07</ac:parameter></ac:structured-macro> \[Microsoft 07\] [C Language Reference|http://msdn2.microsoft.com/en-us/library/fw5abdx6(VS.80).aspx], 2007. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="9cbeb03e8ccb4d66-9f5db48d-47cc47fe-912abbfe-11b4f11ac4269b989ed08888"><ac:parameter ac:name="">Miller 99</ac:parameter></ac:structured-macro> \[Miller 99\] Todd C. Miller and Theo de Raadt. strlcpy and strlcat - Consistent, Safe, String Copy and Concatenation. In Proceedings of the FREENIX Track, 1999 USENIX Annual Technical Conference. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="2c167133e49cdffe-6f2d2d6a-46f44f11-95d3bf0c-8caa5d03411a7ad2ce36cc2b"><ac:parameter ac:name="">Miller 04</ac:parameter></ac:structured-macro> \[Miller 04\] Miller, Mark C., Reus, James F., Matzke, Robb P., Koziol, Quincey A., & Cheng, Albert P. "[Smart Libraries: Best SQE Practices for Libraries with an Emphasis on Scientific Computing|https://wci.llnl.gov/codes/smartlibs/UCRL-JRNL-208636.pdf]." _Proceedings of the Nuclear Explosives Code Developer's Conference_, December 2004. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="10a7c11c8c3adbc8-4b7f56d7-449345a6-a1848244-b522151554df4019f911cc8a"><ac:parameter ac:name="">MISRA 04</ac:parameter></ac:structured-macro> \[MISRA 04\] MISRA Limited. "[MISRA C|http://www.misra.org.uk/]: 2004 Guidelines for the Use of the C Language in Critical Systems." Warwickshire, UK: MIRA Limited, October 2004 (ISBN 095241564X). |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="deab0063cdbface5-6346a074-4d3b45a4-b4e882d1-3d1713cbfd3e12c6b4401a5f"><ac:parameter ac:name="">MIT 04</ac:parameter></ac:structured-macro> \[MIT 04\] MIT. "[MIT krb5 Security Advisory 2004-002|hhttp://web.mit.edu/kerberos/advisories/MITKRB5-SA-2004-002-dblfree.txt], 2004. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="c3cdb55b12c9e9bc-60b9287e-480d4aaa-b47ba804-047a28b1582822b55206f066"><ac:parameter ac:name="">MIT 05</ac:parameter></ac:structured-macro> \[MIT 05\] MIT. "[MIT krb5 Security Advisory 2005-003|http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2005-003-recvauth.txt], 2005. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f1ee145ea4c7bb06-e7eb922c-490448e8-ba8c937a-7f3bbceffccca27ffc2a7b8d"><ac:parameter ac:name="">MITRE 07</ac:parameter></ac:structured-macro> \[MITRE 07\] MITRE. [Common Weakness Enumeration, Draft 9|http://cwe.mitre.org/], April 2008. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="aeaa6c371b61d6d4-b39d91bf-4f97434b-a804bddb-b11774e3616258af6a065e77"><ac:parameter ac:name="">MSDN</ac:parameter></ac:structured-macro> \[MSDN\] [Microsoft Developer Network|http://msdn.microsoft.com/en-us/default.aspx]. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="41efdfceb42654e2-21c6c288-41aa437b-bddaac94-db06bba12d882607a5bd7b9e"><ac:parameter ac:name="">Murenin 07</ac:parameter></ac:structured-macro> \[Murenin 07\] Murenin, Constantine A. "[cnst: 10-year-old pointer-arithmetic bug in make(1) is now gone, thanks to malloc.conf and some debugging|http://cnst.livejournal.com/24040.html]," June 2007. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f2413f3b5f4be109-8e312a22-4b3541c3-b8fb9a86-060bc2d6c72c706bec722542"><ac:parameter ac:name="">NAI 98</ac:parameter></ac:structured-macro> \[NAI 98\] Network Associates Inc. [Bugtraq: Network Associates Inc. Advisory (OpenBSD)|http://seclists.org/bugtraq/1998/Aug/0071.html], 1998. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="46622bbd670983ee-24eabcc6-4a514b75-95748d06-7cfd469b961ebe78dc539b47"><ac:parameter ac:name="">NASA-GB-1740.13</ac:parameter></ac:structured-macro> \[NASA-GB-1740.13\] NASA Glenn Research Center, Office of Safety Assurance Technologies. [_NASA Software Safety Guidebook_|http://pbma.nasa.gov/docs/public/pbma/general/guidbook.doc] (NASA-GB-1740.13). |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="2b421bf5fce09d8c-a4c89ecd-4c47465d-9ec88ddf-2c74787d76b1c671bad9b78a"><ac:parameter ac:name="">NIST 06</ac:parameter></ac:structured-macro> \[NIST 06\] NIST. [_SAMATE Reference Dataset_|http://samate.nist.gov/SRD/], 2006. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="c09aa98b0e96baa1-2acf2931-4d224e93-a957993d-0cece55ec43d0cb27354e3b5"><ac:parameter ac:name="">OpenBSD</ac:parameter></ac:structured-macro> \[OpenBSD\] Berkley Software Design, Inc. [Manual Pages|http://www.openbsd.org/cgi-bin/man.cgi], June 2008. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="4b364f4654ddfd9a-7ba21bcf-426e41b7-a3cd929c-10abbe478f73f4cf2e106853"><ac:parameter ac:name="">Open Group 97a</ac:parameter></ac:structured-macro> \[Open Group 97a\] The Open Group. [_The Single UNIX® Specification, Version 2_|http://www.opengroup.org/onlinepubs/7990989775/toc.htm], 1997. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ffbaf8697de6d2e4-43d5e739-4354414d-81318faa-a3a5a66051430791821b86d4"><ac:parameter ac:name="">Open Group 97b</ac:parameter></ac:structured-macro> \[Open Group 97b\] The Open Group. [_Go Solo 2---The Authorized Guide to Version 2 of the Single UNIX Specification_|http://www.unix.org/whitepapers/64bit.html], May 1997. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="7962f6dd4a75ae80-646248d2-4419459c-9f7ebd04-62e655af95b53758e0002882"><ac:parameter ac:name="">Open Group 04</ac:parameter></ac:structured-macro> \[Open Group 04\] The Open Group and the IEEE. [_The Open Group Base Specifications Issue 6, IEEE Std 1003.1, 2004 Edition_|http://www.opengroup.org/onlinepubs/009695399/toc.htm], 2004. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="7c5324a366f43096-dcdf3949-4ada46fa-a068b58d-a7ab4a717bbeda109d567687"><ac:parameter ac:name="">OWASP Double Free</ac:parameter></ac:structured-macro> \[OWASP Double Free\] Open Web Application Security Project, "[Double Free|http://www.owasp.org/index.php/Double_Free]." |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="adc6f443891abea0-9d61924e-46c0433f-8426aa52-1ea50391a5fb4b6a56be03cb"><ac:parameter ac:name="">OWASP Freed Memory</ac:parameter></ac:structured-macro> \[OWASP Freed Memory\] Open Web Application Security Project, "[Using freed memory|http://www.owasp.org/index.php/Using_freed_memory]." |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="5f2389431a88d2ab-ca72201d-416b4f7a-bff0903b-d77a5df90d96f5a6bec6ada0"><ac:parameter ac:name="">Pethia 03</ac:parameter></ac:structured-macro> \[Pethia 03\] Pethia, Richard D. "[Viruses and Worms: What Can We Do About Them?|http://www.cert.org/congressional_testimony/Pethia-Testimony-9-10-2003/]" September 10, 2003. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="cfe8b9acd2a12d5c-8fe7a7fc-437c4523-9a13a154-4eac41a00278d3601c9eec01"><ac:parameter ac:name="">Pfaff 04</ac:parameter></ac:structured-macro> \[Pfaff 04\] Pfaff, Ken Thompson. "[Casting (time_t)(-1)|http://groups.google.com/group/comp.lang.c/browse_thread/thread/8983d8d729244f2b/ea0e2972775a1114?#ea0e2972775a1114]." _Google Groups comps.lang.c_, March 2, 2004. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="fb7f3a7af36f894d-f744c3c9-4fb54275-b9b49e7e-1cf5fe22741b175a97123d5f"><ac:parameter ac:name="">Pike 93</ac:parameter></ac:structured-macro> \[Pike 93\] Pike, Rob & Thompson, Ken. "Hello World." _Proceedings of the USENIX Winter 1993 Technical Conference_, San Diego, CA, January 25-\--29, 1993, pp. 43-\--50. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="7769ad5dca8ae6d8-40f30364-49d34f0a-b166b7ea-7cb7882bab7b239f92b4321c"><ac:parameter ac:name="">Plakosh 05</ac:parameter></ac:structured-macro> \[Plakosh 05\] Plakosh, Dan. [_Consistent Memory Management Conventions_|https://buildsecurityin.us-cert.gov/daisy/bsi/articles/knowledge/coding/476.html], 2005. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="55aee2ae76cc7851-9bd1b5b3-4df64dd3-9faeb22c-f05a67f8259a21605a473aec"><ac:parameter ac:name="">Plum 85</ac:parameter></ac:structured-macro> \[Plum 85\] Plum, Thomas. _Reliable Data Structures in C_. Kamuela, HI: Plum Hall, Inc., 1985 (ISBN 0-911537-04-X). |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="a85ec153b62e1c67-6bc20333-48c148e1-8f428e17-b6eee2f1df1295b42328e7d8"><ac:parameter ac:name="">Plum 89</ac:parameter></ac:structured-macro> \[Plum 89\] Plum, Thomas, & Saks, Dan. _C Programming Guidelines, 2nd ed_. Kamuela, HI: Plum Hall, 1989 (ISBN 0911537074). |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d619e25f40ea0a79-46735849-4ff240cf-aab883f5-70fd1bf9333e83eed42dc71d"><ac:parameter ac:name="">Plum 91</ac:parameter></ac:structured-macro> \[Plum 91\] Plum, Thomas. _C+\+ Programming_. Kamuela, HI: Plum Hall, 1991 (ISBN 0911537104). |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="3bf980aa6a3dcf3b-5df41b53-4cc04bd8-b5f89e47-c1ed94ea630718a71520e7de"><ac:parameter ac:name="">Plum 08</ac:parameter></ac:structured-macro> \[Plum 08\] Plum, Thomas. Static Assertions. June, 2008. [http://www.open-std.org/jtc1/sc22/wg14/www/docs/n1330.pdf] |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6aa545eb1f022278-ef58b406-4d0944c0-a6678d7c-b1da9aae73bf2300cca43351"><ac:parameter ac:name="">Redwine 06</ac:parameter></ac:structured-macro> \[Redwine 06\] Redwine, Samuel T., Jr., ed. _Secure Software Assurance: A Guide to the Common Body of Knowledge to Produce, Acquire, and Sustain Secure Software Version 1.1_. U.S. Department of Homeland Security, September 2006. See [Software Assurance Common Body of Knowledge|https://buildsecurityin.us-cert.gov/daisy/bsi/resources/dhs/95.html] on Build Security In. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="bcd31b2caf31e524-dc87adbd-45fd491d-a68a9b37-d0aed82c73895459280a4179"><ac:parameter ac:name="">RUS-CERT</ac:parameter></ac:structured-macro> \[RUS-CERT\] RUS-CERT Advisory 2002-08:02, "[Flaw in calloc and similar routines|http://cert.uni-stuttgart.de/advisories/calloc.php]," 2002. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="4b81db253392b1b1-aa90877d-4f054b33-abd9ad35-4a1d620b09105f835641842b"><ac:parameter ac:name="">Saltzer 74</ac:parameter></ac:structured-macro> \[Saltzer 74\] Saltzer, J. H. Protection and the Control of Information Sharing in Multics. _Communications of the ACM 17_, 7 (July 1974): 388---402. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="51cd7e8d92a8759e-b60aa972-424e413a-9702a437-6adf75037ca5569019defff6"><ac:parameter ac:name="">Saltzer 75</ac:parameter></ac:structured-macro> \[Saltzer 75\] Saltzer, J. H., & Schroeder, M. D. "The Protection of Information in Computer Systems." _Proceedings of the IEEE 63_, 9 (September 1975): 1278-1308. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b1871a9f633cc023-8e27507f-439c4cd2-a97da9f0-a95427a30b0d9c51d855b545"><ac:parameter ac:name="">Saks 99</ac:parameter></ac:structured-macro> \[Saks 99\] Saks, Dan. "[const T vs.T const|http://www.dansaks.com/articles/1999-02%20const%20T%20vs%20T%20const.pdf]." _Embedded Systems Programming_, February 1999, pp. 13-16. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ff709eb11ad48664-2022925a-475048ef-9970a2c8-0bf1cd1db16aaeddb36bc800"><ac:parameter ac:name="">Saks 00</ac:parameter></ac:structured-macro> \[Saks 00\] Saks, Dan. "[Numeric Literals|http://www.embedded.com/2000/0009/0009pp.htm]." _Embedded Systems Programming_, September 2000. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="4ab21e1086816185-a3453a9c-4f1c4078-8e50b776-5b57ec18361372753cf78c2e"><ac:parameter ac:name="">Saks 01a</ac:parameter></ac:structured-macro> \[Saks 01a\] Saks, Dan. "[Symbolic Constants|http://www.embedded.com/story/OEG20011016S0116]." _Embedded Systems Design_, November 2001. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d6f8724b70bebcdb-fef925bb-4b8f4e40-af2289e0-8148ffc33b639fa9139d49e2"><ac:parameter ac:name="">Saks 01b</ac:parameter></ac:structured-macro> \[Saks 01b\] Saks, Dan. "[Enumeration Constants vs. Constant Objects|http://www.embedded.com/columns/programmingpointers/9900402]." _Embedded Systems Design_, November 2001. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6af8f24f1c9cb623-b31ad271-4cf74157-9564b1f5-141fed31d2dda41ed41d5c48"><ac:parameter ac:name="">Saks 02</ac:parameter></ac:structured-macro> \[Saks 02\] Saks, Dan. "[Symbolic Constant Expressions|http://www.embedded.com/story/OEG20020124S0117]." _Embedded Systems Design_, February 2002. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ef25ea8c5758f231-45a2ec38-40504cb8-96e8925e-0f816a4e638aa2acc6a42988"><ac:parameter ac:name="">Saks 05</ac:parameter></ac:structured-macro> \[Saks 05\] Saks, Dan. "[Catching Errors Early with Compile-Time Assertions|http://www.embedded.com/columns/programmingpointers/164900888?_requestid=287187]." _Embedded Systems Design_, June 2005. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="062de56a9f68e205-3ead463a-48294e8a-bb5aa2a6-33faf74ca5a6a328be27904b"><ac:parameter ac:name="">Saks 07a</ac:parameter></ac:structured-macro> \[Saks 07a\] Saks, Dan. "[Sequence Points|http://www.embedded.com/columns/programmingpointers/9900661?_requestid=481957]" _Embedded Systems Design_, July 1, 2002. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="09476a2d56476f5d-61371388-46f14635-9ad88dbe-e462837132852cc780dfa9d8"><ac:parameter ac:name="">Saks 07b</ac:parameter></ac:structured-macro> \[Saks 07b\] Saks, Dan. [Bail, return, jump, or . . . throw?|http://www.embedded.com/columns/programmingpointers/197008821]. _Embedded Systems Design_, March 2007. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="fb6f40ec9bda4f78-29ab2e45-473048f3-ab70bbd2-177aa7d494d387ff04d02317"><ac:parameter ac:name="">Saks 08</ac:parameter></ac:structured-macro> \[Saks 08\] Saks, Dan, & Dewhurst, Stephen C. "Sooner Rather Than Later: Static Programming Techniques for C++" (presentation, March 2008). |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6480a662ea6b2954-03d1bd83-435649dc-904e8a3d-6eced6d0095b6df84ff9b2fd"><ac:parameter ac:name="">Schwarz 05</ac:parameter></ac:structured-macro> \[Schwarz 05\] Schwarz, B., Wagner, Hao Chen, Morrison, D., West, G., Lin, J., & Tu, J. Wei. "Model checking an entire Linux distribution for security violations." _Proceedings of the 21st Annual Computer Security Applications Conference_, December 2005 (ISSN 1063-9527; ISBN 0-7695-2461-3). |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="0447d64880c11b7f-7c7759f7-44b44b25-9a61bb03-5be0dbe4a26f0050dd55fd40"><ac:parameter ac:name="">Seacord 03</ac:parameter></ac:structured-macro> \[Seacord 03\] Seacord, Robert C., Plakosh, Daniel, & Lewis, Grace A. [_Modernizing Legacy Systems: Software Technologies, Engineering Processes, and Business Practices_|http://www.informit.com/store/product.aspx?isbn=0321118847]. Addison-Wesley, February 2003. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="5c835a55a5fa1ead-16aa1de4-4ca04afb-bbe994d6-6a4d17e9900d0ac1d9ad4573"><ac:parameter ac:name="">Seacord 05</ac:parameter></ac:structured-macro> <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d1d86bec747afeb6-bad33c44-4a8f49ee-a1bf8fc0-301aeba18e8509cb2003e6d3"><ac:parameter ac:name="">Seacord 05a</ac:parameter></ac:structured-macro> \[Seacord 05a\] Seacord, Robert C. _Secure Coding in C and C+\+_. Boston, MA: Addison-Wesley, 2005. See [http://www.cert.org/books/secure-coding] for news and errata. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="bc6c5e460ea2809c-eade422d-491748f4-8471a5f9-92d59429a86d468f88bbf813"><ac:parameter ac:name="">Seacord 05b</ac:parameter></ac:structured-macro> \[Seacord 05b\] Seacord, Robert C. "Managed String Library for C, C/C++." _Users Journal_ _23_, 10 (October 2005): 30---34. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="960a5bd6f63218c8-3a2245ae-461a4f6c-b20b9ffa-a5275867a2ae7e148b473dc2"><ac:parameter ac:name="">Seacord 05c</ac:parameter></ac:structured-macro> \[Seacord 05c\] Seacord, Robert C. [_Variadic Functions: How they contribute to security vulnerabilities and how to fix them_|http://www.cert.org/books/secure-coding/LWM%203-11%20%28Seacord%29.pdf]. _Linux World Magazine_, November 2005. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="a56c3a3acdf43e50-fb69f07a-4ffb4914-89ef9043-d2ece55f9e630de1cd0e7531"><ac:parameter ac:name="">Secunia</ac:parameter></ac:structured-macro> \[Secunia\] Secunia Advisory SA10635, "[HP-UX calloc Buffer Size Miscalculation Vulnerability|http://secunia.com/advisories/10635/]," 2004. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="341e2a9cc606ca15-09655f18-4ebf4465-bafb9d32-3a234d33c9c01bb83f3d1469"><ac:parameter ac:name="">SecurityFocus 07</ac:parameter></ac:structured-macro> \[SecurityFocus 07\] SecurityFocus. "[Linux Kernel Floating Point Exception Handler Local Denial of Service Vulnerability|http://www.securityfocus.com/bid/10538/discuss]," 2001. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="608b74f4ff6ded58-a3af4caf-4e024a96-a0cdb222-4036d9bddce8dcb95a4d8026"><ac:parameter ac:name="">SecuriTeam 07</ac:parameter></ac:structured-macro> \[SecuriTeam 07\] SecuriTeam. "[Microsoft Visual C+\+ 8.0 Standard Library Time Functions Invalid Assertion DoS (Problem 3000)|http://www.securiteam.com/windowsntfocus/5MP0D0UKKO.html]," February 13, 2007. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="675f8fb18fb932b5-9d419a96-47f34627-b6a88451-773ec08a3534d151c66be0c4"><ac:parameter ac:name="">Sloss 04</ac:parameter></ac:structured-macro> \[Sloss 04\] Sloss, Andrew, Symes, Dominic, & Wright, Chris. [_ARM System Developer's Guide_|http://www.arm.com/documentation/books/4975.html]. San Francisco:Elsevier/Morgan Kauffman, 2004 (ISBN-10: 1558608745; ISBN-13: 978-1558608740). |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="7df56369c751620c-e8915d19-47b64dbe-8cfd8ee6-5d3f5856f28ff233b226403b"><ac:parameter ac:name="">Spinellis 06</ac:parameter></ac:structured-macro> \[Spinellis 06\] Spinellis, Diomidis. [_Code Quality: The Open Source Perspective_|http://www.spinellis.gr/codequality]. Addison-Wesley, 2006. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="bbbce0ba164e9e73-8e80c781-48424990-96d5a405-fa3371908487fc50f10f8867"><ac:parameter ac:name="">Steele 77</ac:parameter></ac:structured-macro> \[Steele 77\] Steele, G. L. "[Arithmetic shifting considered harmful|http://doi.acm.org/10.1145/956641.956647]." _SIGPLAN Not._ 12, 11 (November 1977), 61-69. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="273bb71e6a916ab1-d7bed8b2-4e7b478b-8e758632-bfe73674e006745f46577b62"><ac:parameter ac:name="">Summit 95</ac:parameter></ac:structured-macro> \[Summit 95\] Summit, Steve. _C Programming FAQs: Frequently Asked Questions_. Boston, MA: Addison-Wesley, 1995 (ISBN 0201845199). |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b6fdb69aec4a3106-fb67a5cd-49fb4f60-ad418668-e25092b4b6392d8f6bb5efae"><ac:parameter ac:name="">Summit 05</ac:parameter></ac:structured-macro> \[Summit 05\] Summit, Steve. [_comp.lang.c Frequently Asked Questions_|http://c-faq.com/], 2005. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="1ad061a5b05fece7-419ac5b5-4b964ab7-b34bad99-08f3276372061062f93abbb3"><ac:parameter ac:name="">Sun</ac:parameter></ac:structured-macro> \[Sun\] [Sun Security Bulletin #00122|http://sunsolve.sun.com/search/document.do?assetkey=1-22-00122-1], 1993. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="2764aa240dc1f133-b38cc9f8-4c214936-b3c58424-3e9f008c65527c16bff6ea21"><ac:parameter ac:name="">Sun 05</ac:parameter></ac:structured-macro> \[Sun 05\] [C User's Guide|http://docs.sun.com/source/819-3688/]. 819-3688-10. Sun Microsystems, Inc., 2005. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="fe7edf193952ad01-803864f6-42d446cb-a7d08c22-bda29e0bad49e6416b093949"><ac:parameter ac:name="">Sutter 04</ac:parameter></ac:structured-macro> \[Sutter 04\] Sutter, Herb & Alexandrescu, Andrei. C+\+ Coding Standards: 101 Rules, Guidelines, and Best Practices. Boston, MA:Addison-Wesley Professional, 2004 (ISBN 0321113586). |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="8ee790418de3babe-72183a7e-44214c74-9073b07e-36934d9abfe7c07127c21a1e"><ac:parameter ac:name="">Tsafrir 08</ac:parameter></ac:structured-macro> \[Tsafrir 08\] Tsafrir, Dan, Da Silva, Dilma, & Wagner, David. [The Murky Issue of Changing Process Identity: Revising "Setuid Demystified"|http://www.eecs.berkeley.edu/~daw/papers/setuid-login08b.pdf] USENIX, June 2008, pages 55-66 |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="7428840ea658b3df-0074635c-48494fbd-8a7bb7a9-74ddf6fdd9ce6e3ebfd50a42"><ac:parameter ac:name="">Unicode 06</ac:parameter></ac:structured-macro> \[Unicode 06\] The Unicode Consortium. [The Unicode Standard|http://www.unicode.org/standard/standard.html], Version 5.0. Addison-Wesley Professional; 5th edition (November 3, 2006) ISBN: 0321480910. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6022c1472ddba27e-848e9f3b-431044fc-97739efb-ef8cc293214357e8623070f3"><ac:parameter ac:name="">van de Voort 07</ac:parameter></ac:structured-macro> \[van de Voort 07\] van de Voort, Marco. [Development Tutorial (a.k.a Build FAQ)|http://www.stack.nl/~marcov/buildfaq.pdf], January 29, 2007. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="37ed46b66432b359-65a54729-41f74758-bc3b8c2e-7c0750342690b3342b1c89c3"><ac:parameter ac:name="">van Sprundel06</ac:parameter></ac:structured-macro> \[van Sprundel 06\] van Sprundel, Ilja. [Unusualbugs|http://ilja.netric.org/files/Unusual%20bugs.pdf], 2006. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="4de5e85679a7ec06-013ec781-46fb41a3-826faba8-b19258d0974ba7fb481b84d8"><ac:parameter ac:name="">Viega 01</ac:parameter></ac:structured-macro> \[Viega 01\] Viega, John. [Protecting Sensitive Data in Memory|http://www.cgisecurity.com/lib/protecting-sensitive-data.html], February 2001. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="dbc965ae99a7e032-8e14650c-442f4e8e-89d1abcf-e003544a5839af61c869734c"><ac:parameter ac:name="">Viega 03</ac:parameter></ac:structured-macro> \[Viega 03\] Viega, John, & Messier, Matt. _Secure Programming Cookbook for C and C++: Recipes for Cryptography, Authentication, Networking, Input Validation & More_. Sebastopol, CA: O'Reilly, 2003 (ISBN 0-596-00394-3). |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="221625383b8c32d8-3ab8ea02-40414d6c-8928bcbf-b7cf2245bce5d1c42bf3913c"><ac:parameter ac:name="">Viega 05</ac:parameter></ac:structured-macro> \[Viega 05\] Viega, John. [CLASP Reference Guide Volume 1.1.|http://www.securesoftware.com/process/] Secure Software, 2005. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="8fc349afad88e36c-14865009-49054232-9f2bb24e-54a07624337d6c21a8d57099"><ac:parameter ac:name="">VU#159523</ac:parameter></ac:structured-macro> \[VU#159523\] Giobbi, Ryan. Vulnerability Note [VU#159523|http://www.kb.cert.org/vuls/id/159523], _Adobe Flash Player integer overflow vulnerability_, April 2008. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6912219d27c36b50-781e28c9-46f641af-a1b7a679-c57c9bc2f9c3de609dd39674"><ac:parameter ac:name="">VU#162289</ac:parameter></ac:structured-macro> \[VU#162289\] Dougherty, Chad. Vulnerability Note [VU#162289|http://www.kb.cert.org/vuls/id/162289], _gcc silently discards some wraparound checks_, April 2008. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="00280c02775bfee4-78b66f92-44d64e27-b0919d21-da5c5f65e5a5dbad69a55b74"><ac:parameter ac:name="">VU196240</ac:parameter></ac:structured-macro> \[VU#196240\] Taschner, Chris & Manion, Art. Vulnerability Note [VU#196240|http://www.kb.cert.org/vulnotes/id/196240], _Sourcefire Snort DCE/RPC preprocessor does not properly reassemble fragmented packets_, 2007. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="7b706b393974e137-6fe9acf4-493643bb-a7e48ab5-8bd4c3aec77bc9539b45bde5"><ac:parameter ac:name="">VU286468</ac:parameter></ac:structured-macro> \[VU#286468\] Burch, Hal. Vulnerability Note [VU#286468|http://www.kb.cert.org/vulnotes/id/286468], _Ettercap contains a format string error in the "curses_msg()" function_, 2007. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d3f0070589caf695-da052311-495f414f-873c808e-4cd58d61d4ef718b4e4470ee"><ac:parameter ac:name="">VU439395</ac:parameter></ac:structured-macro> \[VU#439395\] Lipson, Howard. Vulnerability Note [VU#439395|http://www.kb.cert.org/vuls/id/439395], _Apache web server performs case sensitive filtering on Mac OS X HFS\+ case insensitive filesystem,_ 2001. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f7bc5a3aae553f57-c38280c4-475a47df-9a589983-39eaa468f9d748cabb4c9b50"><ac:parameter ac:name="">VU551436</ac:parameter></ac:structured-macro> \[VU#551436\] Giobbi, Ryan. Vulnerability Note [VU#551436|http://www.kb.cert.org/vulnotes/id/551436], _Mozilla Firefox SVG viewer vulnerable to buffer overflow,_ 2007. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="96276c3291d2f807-c8491609-42d44350-8816b4cc-06e97f098a80da3306544bd7"><ac:parameter ac:name="">VU568148</ac:parameter></ac:structured-macro> \[VU#568148\] Finlay, Ian A. & Morda, Damon G. Vulnerability Note [VU#568148|http://www.kb.cert.org/vulnotes/id/568148], _Microsoft Windows RPC vulnerable to buffer overflow_, 2003. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="cd57100fc93fdbd4-e44c59df-4ac241ce-83429db6-c506499e62b65cec318fb63b"><ac:parameter ac:name="">VU623332</ac:parameter></ac:structured-macro> \[VU#623332\] Mead, Robert. Vulnerability Note [VU#623332|http://www.kb.cert.org/vuls/id/623332], _MIT Kerberos 5 contains double free vulnerability in "krb5_recvauth()" function,_ 2005. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="3a854453bc5312de-b9984a99-441b4c66-94c2a4f8-6d42b3c04584d2f6c180f312"><ac:parameter ac:name="">VU649732</ac:parameter></ac:structured-macro> \[VU#649732\] Gennari, Jeff. Vulnerability Note [VU#649732|http://www.kb.cert.org/vulnotes/id/649732], _Samba AFS ACL Mapping VFS Plug-In Format String Vulnerability,_ 2007. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="1c39671131db4dff-94efe7ba-4cb240d7-8768acee-61615b19ae46ca6ac341c67e"><ac:parameter ac:name="">VU654390</ac:parameter></ac:structured-macro> \[VU#654390\] Rafail, Jason A. Vulnerability Note [VU#654390|https://www.kb.cert.org/vulnotes/id/654390], _ISC DHCP contains C Includes that define vsnprintf() to vsprintf() creating potential buffer overflow conditions_, June 2004. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="8705e2bf0fa9ee9b-6451d975-416e4585-897eb02e-3e1b90ac456e9a07eb6a5b1a"><ac:parameter ac:name="">VU743092</ac:parameter></ac:structured-macro> \[VU#743092\] Rafail, Jason A. & Havrilla, Jeffrey S. Vulnerability Note [VU#743092|https://www.kb.cert.org/vulnotes/id/743092], _realpath(3) function contains off-by-one buffer overflow,_ July 2003. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b8b7603449ab4cc3-54da28e7-4ae14817-8920854e-6597ca331d279e2884d56ad4"><ac:parameter ac:name="">VU834865</ac:parameter></ac:structured-macro> \[VU#834865\] Gennari, Jeff. Vulnerability Note [VU#834865|http://www.kb.cert.org/vuls/id/834865], _Sendmail signal I/O race condition_, March 2008. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d17d6110230aeb0e-22ad4211-40914307-9221a062-a2e8f43da1a781bf440b5194"><ac:parameter ac:name="">VU837857</ac:parameter></ac:structured-macro> \[VU#837857\] Dougherty, Chad. Vulnerability Note [VU#837857|http://www.kb.cert.org/vuls/id/837857], _SX.Org server fails to properly test for effective user ID_, August 2006. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="25497a9e322a3586-b853fa8d-4e9f4fa6-9e5e9e72-b66af971898c64ed319f9316"><ac:parameter ac:name="">VU881872</ac:parameter></ac:structured-macro> \[VU#881872\] Manion, Art & Taschner, Chris. Vulnerability Note [VU#881872|http://www.kb.cert.org/vulnotes/id/881872], _Sun Solaris telnet authentication bypass vulnerability,_ 2007. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="7703086599119e9e-04052c2c-448a411c-bcbc84bc-7e28410491209bcb4b02b5d5"><ac:parameter ac:name="">Warren 02</ac:parameter></ac:structured-macro> \[Warren 02\] Warren, Henry S. [_Hacker's Delight_|http://www.hackersdelight.org/]. Boston, MA: Addison Wesley Professional, 2002 (ISBN 0201914654). |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e08540f1d49f5982-3f95873d-46ba4429-80c6b005-4ac144185c9c130d629ac50e"><ac:parameter ac:name="">Wheeler 03</ac:parameter></ac:structured-macro> \[Wheeler 03\] Wheeler, David. [Secure Programming for Linux and Unix HOWTO, v3.010|http://www.dwheeler.com/secure-programs/Secure-Programs-HOWTO/], March 2003. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="2b75c9d694400885-d42ea298-4cf64e74-9309ba57-d1caa1af98c6b74f47f4c2c1"><ac:parameter ac:name="">Wheeler 04</ac:parameter></ac:structured-macro> \[Wheeler 04\] Wheeler, David. [_Secure programmer: Call components safely_|http://www-128.ibm.com/developerworks/linux/library/l-calls.html]. December 2004. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="9ccd2a13f0b01b3c-17c558ec-42484fc3-8d179bd7-c28043d488c3e9d9f287da69"><ac:parameter ac:name="">Wojtczuk 08</ac:parameter></ac:structured-macro> \[Wojtczuk 08\] Wojtczuk, Rafal. "[Analyzing the Linux Kernel vmsplice Exploit|http://www.avertlabs.com/research/blog/index.php/2008/02/13/analyzing-the-linux-kernel-vmsplice-exploit/]." McAfee Avert Labs Blog, February 13, 2008. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f4744ce6449adfbf-b5462d60-405a4d33-9e35b70c-52bbb9ecacab07ba1080db92"><ac:parameter ac:name=""> xorl 2009</ac:parameter></ac:structured-macro> \[xorl 2009\] xorl. [xorl %eax, %eax|http://xorl.wordpress.com/]. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="27f0ee5633b2b824-a1781993-4c554c48-a405aa3e-9b338aab20eeb1b2d4d47e65"><ac:parameter ac:name="">Yergeau 98</ac:parameter></ac:structured-macro> \[Yergeau 98\] Yergeau, F. [RFC 2279 - UTF-8, a transformation format of ISO 10646|http://www.faqs.org/rfcs/rfc2279.html], January 1998. |
| Wiki Markup |
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f9f420834505c158-9b104963-49894ab9-8124b100-9cc2900b7235ba0d69bd8e4e"><ac:parameter ac:name="">Zalewski 01</ac:parameter></ac:structured-macro> \[Zalewski 01\] Zalewski, Michal. [_Delivering Signals for Fun and Profit: Understanding, exploiting and preventing signal-handling related vulnerabilities_|http://lcamtuf.coredump.cx/signals.txt], May 2001. |
...