...
[Black 2007] Black, Paul E.; Kass, Michael; & Koo, Michael.
Source Code Security Analysis Tool Functional Specification Version 1.0. Special Publication 500-268. Information Technology Laboratory (ITL)
, May . May 2007.
[Cline 2009] Cline, Marshall.
C++ FAQ Lite—Frequently Asked Questions. 1991-2009.
...
| Anchor |
|---|
| codesourcery2016b |
|---|
| codesourcery2016b |
|---|
|
[CodeSourcery 2016b] CodeSourcery, Compaq, EDG, HP, IBM, Intel, Red Hat, SGI, et al.
Itanium C++ ABI ($RevisionRevision: 1,86 $). December 2016 [accessed].
[Coverity 2007]
Coverity. Coverity Prevent User's Manual (3.3.0). 2007.
...
[DISA 2015] DISA.
Application Security and Development Security Technical Implementation Guide, Version 3, Release 10.
October 2016 [accessed]Accessed April 2015.
[DISA 2016] DISA.
Application Security and Development Security Technical Implementation Guide, Version 4, Release 1. Accessed October 2016. Accessed January 2017.[DISA 2018] DISA. Application Security and Development Security Technical Implementation Guide, Version 4, Release 8. Accessed January 2019.
[Dowd 2006] Dowd,
Mark; McDonald,
John; & Schuh, Justin. Attacking delete and
eletedelete[] in C++. In
The Art of Software Security Assessment. Addison-Wesley Professional. 2006.
...
[Gamma 1994] Gamma, Erich; Helm, Richard; Johnson, Ralph, & Vlissides, John.
Design Patterns Elements of Reusable Object Oriented Software. Addison-Wesley Professional
, . 1994.
[GNU 2016] gnu.org.
GCC, the GNU Compiler Collection: Declaring Attributes of Functions. December 2016 [accessed]
. https://gcc.gnu.org/onlinedocs/gcc/Function-Attributes.html[Goldberg 1991] Goldberg, David.
What Every Computer Scientist Should Know About Floating-Point Arithmetic. Sun Microsystems. March 1991.
[Graff 2003] Graff, Mark G. & Van Wyk, Kenneth R.
Secure Coding: Principles and Practices. O'Reilly. 2003. ISBN 0596002424.
[Henricson 1997] Henricson, Mats & Nyquist, Erik.
Industrial Strength C++. Prentice Hall PTR. 1997. ISBN 0-13-120965-5.
[Hinnant 2005] Hinnant, Howard.
RValue Reference Recommendations for Chapter 20.
August N1856=05-0116. August 2005.
[Hinnant 2015] Hinnant, Howard. Reply to "
std::exception Why what() is returning a const char* and not a string?"
ISO C++ Standard—Discussion.
June 2015.
...
| Anchor |
|---|
| IEEE Std 1003.1-2013 |
|---|
| IEEE Std 1003.1-2013 |
|---|
|
[IEEE Std 1003.1:2013] IEEE & The Open Group.
Standard for Information Technology—Portable Operating System Interface (POSIX).
Base Specifications, . Issue 7. 2013
. http://ieeexplore.ieee.org/servlet/opac?punumber=6506089.
[INCITS 2012] INCITS Document number N3396= 12-0096.
Dynamic memory allocation for over-aligned data. 2012.
[INCITS 2014] INCITS PL22.16 and & ISO WG21 C++ Standards Committee, Library Working Group (LWG). C++ Standard Library Active Issues List (Revision R88). N3967. 2014.
[INCITS 2020] INCITS PL22.16 & ISO WG21 C++ Standards Committee, Library Working Group (LWG). C++ Standard Library Active Issues List (Revision R88). N4860. 2020.
| Anchor |
|---|
| Internet Society 00 |
|---|
| Internet Society 00 | Internet Society 00 |
|---|
|
[Internet Society 2000] The Internet Society. Internet Security Glossary (RFC 2828). 2000.
...
| Anchor |
|---|
| ISO/IEC N3000 |
|---|
| ISO/IEC N3000 |
|---|
|
[ISO/IEC N3000
2009] Working Draft, Standard for Programming Language C++. November 2009.
...
[Jack 2007] Jack, Barnaby.
Vector Rewrite Attack.
Juniper Networks. May 2007.
[Kalev 1999] Kalev, Danny. ANSI/ISO C++ Professional Programmer's Handbook. Que. Corporation. 1999[Lea 2000] Lea, Doug.
Concurrent Programming in Java, 2nd Edition. Addison-Wesley Professional. 2000.
http://www.informit.com/store/concurrent-programming-in-java-design-principles-and-9780201310092[Lions 1996] Lions, J. L. ARIANE 5 Flight 501 Failure Report. European Space Agency (ESA) & National Center for Space Study (CNES). July 1996.| Anchor |
|---|
kalev99 | kalev99 | | Anchor |
|---|
kalev1999 | kalev1999 | [Kalev 1999] Kalev, Danny. ANSI/ISO C++ Professional Programmer's Handbook. Que. Corporation. 1999501 Failure Report. European Space Agency (ESA) & National Center for Space Study (CNES). July 1996.[Lions 1996] Lions, J. L.
ARIANE 5 Flight 501 Failure Report.
Paris, France: European Space Agency (ESA) & National Center for Space Study (CNES)
Inquiry Board, . July 1996.
| Anchor |
|---|
| Lockheed Martin 05 |
|---|
| Lockheed Martin 05 |
|---|
|
[Lockheed Martin 2005] Lockheed Martin.
Joint Strike Fighter Air Vehicle C++ Coding Standards for the System Development and Demonstration Program. Document Number 2RDU00001, Rev C. December 2005.
...
[MSDN 2010]
MSDNMicrosoft Developer Network.
" CryptGenRandom Function. December 2016 [accessed].
"[MDSN 2016] Microsoft Developer Network.
nothrow (C++). December 2016 [accessed]. https://msdn.microsoft.com/en-us/library/49147z04.aspx). December 2016 [accessed].[NIST 2006] NIST.
SAMATE Reference Dataset, . 2006.
| Anchor |
|---|
| IEEE Std 1003.1-2013 |
|---|
| IEEE Std 1003.1-2013 |
|---|
|
| Anchor |
|---|
| ISO/IEC 9945:2013 |
|---|
| ISO/IEC 9945:2013 |
|---|
|
| Anchor |
|---|
| Open Group 13 |
|---|
| Open Group 13 |
|---|
|
[Open Group 2013] The Open Group.
The Open Group Base Specifications Issue 7, IEEE Std 1003.1, 2013 Edition, . 2013.
| Anchor |
|---|
| IEEE Std 1003.1-2008 |
|---|
| IEEE Std 1003.1-2008 |
|---|
|
| Anchor |
|---|
| ISO/IEC 9945:2008 |
|---|
| ISO/IEC 9945:2008 |
|---|
|
| Anchor |
|---|
| Open Group 08 |
|---|
| Open Group 08 |
|---|
|
[Open Group 2008] The Open Group.
The Open Group Base Specifications Issue 7, IEEE Std 1003.1, 2008 Edition, . 2008.
| Anchor |
|---|
| IEEE Std 1003.1-2004 |
|---|
| IEEE Std 1003.1-2004 |
|---|
|
| Anchor |
|---|
| ISO/IEC 9945:2003 |
|---|
| ISO/IEC 9945:2003 |
|---|
|
| Anchor |
|---|
| Open Group 04 |
|---|
| Open Group 04 |
|---|
|
[Open Group 2004] The Open Group.
The Open Group Base Specifications Issue 6, IEEE Std 1003.1, 2004 Edition, . 2004.
[Plum 1991] Plum, Thomas.
C++ Programming.
Kamuela, HI: Plum Hall, Inc.
, November 1991
(. ISBN 0911537104
).
[Quinlan 2006] Quinlan, Dan; Vuduc, Richard; Panas, Thomas; Härdtlein, Jochen; & Sæbjørnsen, Andreas.
" Support for Whole-Program Analysis and the Verification of the One-Definition Rule in C++
," . 27-35.
NIST Special Publication Page 500-262, . In Proceedings of the Static Analysis Summit.
Gaithersburg, MD, July 2006.
[Rohlf 2009] Rohlf, Chris.
Fun with erase (). 2009.
[Saks 1999]
Saks, Dan
Saks.
const T vs.T const.
Embedded Systems Programming.
Pg February 1999.
Pages 13-16.
February 1999.[Saks 2007] Saks, Dan.
"Sequence Points" . Embedded Systems Design, 07/01/02. 2007.
[Seacord 2005] Seacord,
RRobert C.
Secure Coding in C and C++.
Upper Saddle River, NJ: Addison-Wesley
, . 2005
(. ISBN 0321335724
).
[Seacord 2013] Seacord, Robert C.
Secure Coding in C and C++, Second Edition.
Boston: Addison-Wesley
, 2013. See http://www.cert.org/books/secure-coding for news and errata. 2013.
[Sebor 2004] Sebor, Martin.
C++ Standard Core Language Active Issues, Revision 68, Issue 475, . 2010.
[SGI 2006] Silicon Graphics, Inc.
" basic_string<charT, traits, Alloc>.
" Standard Template Library Programmer's Guide, . 2006.
[Steele 1977] Steele, G. L
. 1977.
Arithmetic shifting considered harmful. SIGPLAN NotNotices. Volume 12
, . Issue 11
(Nov.
November 1977
), . Pages 61-69.
| Anchor |
|---|
| Stroustrup 97 |
|---|
| Stroustrup 97 |
|---|
|
[Stroustrup 1997] Stroustrup, Bjarne.
The C++ Programming Language, Third Edition.
Reading, MA: Addison-Wesley
, . 1997
(ISBN 0201889544). ISBN 978-0201700732.
| Anchor |
|---|
| Stroustrup 06 |
|---|
| Stroustrup 06 |
|---|
|
[Stroustrup 2006] Stroustrup, Bjarne.
C++ Style and Technique FAQ (.2006
).
Accessed November December 2016
[accessed].
| Anchor |
|---|
| Stroustrup 01 |
|---|
| Stroustrup 01 |
|---|
|
[Stroustrup 2001] Stroustrup, Bjarne.
Exception Safety: Concepts and Techniques (2001). AT&T Labs. 2001.
[Sun 1993]
Sun Security Bulletin #00122, . 1993.
[Sutter 2000] Sutter, Herb.
Exceptional C++: 47 Engineering Puzzles, Programming Problems, and Solutions. Addison-Wesley Professional
, . 2000
(. ISBN 0201615622
).
[Sutter 2001] Sutter, Herb.
More Exceptional C++: 40 New Engineering Puzzles, Programming Problems, and Solutions. Addison-Wesley Professional
, . 2001
(. ISBN 020170434
).
[Sutter 2004] Sutter, Herb & Alexandrescu, Andrei.
C++ Coding Standards: 101 Rules, Guidelines, and Best Practices. Boston, MA: Addison. Addison-Wesley Professional
, . 2004
(. ISBN 0321113586
).
| Anchor |
|---|
| van Sprundel06 |
|---|
| van Sprundel06 |
|---|
|
[van Sprundel 2006] van Sprundel, Ilja.
Unusual bugs, . 2006.
[Viega 2003] Viega, John & Messier, Matt.
Secure Programming Cookbook for C and C++: Recipes for Cryptography, Authentication, Networking, Input Validation & More.
Sebastopol, CA: O'Reilly
, . 2003
(. ISBN 0-596-00394-3
).
[Viega 2005] Viega, John.
CLASP Reference Guide, Volume 1.1. Secure Software
, . 2005.
[VU#159523]
Giobbi, Ryan. Vulnerability Note VU#159523, Vulnerability Note VU#159523. Adobe Flash Player integer overflow vulnerability. April 2008. [VU#162289] Dougherty, Chad.
Vulnerability Note VU#162289, . GCC Silently Discards Some Wraparound Checks. April 2008.
[VU#623332] Mead, Robert.
Vulnerability Note VU#623332. MIT Kerberos 5 contains double free
vulner-ability vulnerability in "krb5_recvauth()" function. July 2005.
...
[Warren 2002] Warren, Henry S.
Hacker's Delight.
Boston, MA: Addison Wesley Professional. 2002
(. ISBN 0201914654
).
[Williams
20102010a] Williams, Anthony.
Thread. Boost Library. 2010.
[Williams
20102010b] Williams, Anthony.
Simpler Multithreading in C++0x, . Internet.com
, . 2010.
[xorl 2009] xorl.
xorl %eax, %eax. December 2016 [accessed].
Image Removed Image Removed Image Removed
