SEI CERT C Coding Standard

Space shortcuts

Page tree

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 24 Next »

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="845b65fd-3f04-4912-9576-d0cb8e37c59c"><ac:parameter ac:name="">Burch 06</ac:parameter></ac:structured-macro>
[Burch 06] Burch, H.; Long, F.; & Seacord, R. Specifications for Managed Strings (CMU/SEI-2006-TR-006). Pittsburgh, PA: Software Engineering Institute, Carnegie Mellon University, 2006.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="820cfcaa-1837-4a61-b60c-38832901145d"><ac:parameter ac:name="">CERT 06</ac:parameter></ac:structured-macro>
[CERT 06] CERT. Managed String Library (2006).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ba26a574-369e-4e3e-9b39-974feda3d51f"><ac:parameter ac:name="">Graf 03</ac:parameter></ac:structured-macro>
[Graff 03] Graff, Mark G. & Van Wyk, Kenneth R. Secure Coding: Principles and Practices. Cambridge, MA: O'Reilly, 2003 (ISBN 0596002424).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="58887f97-574c-49d5-a057-052808425779"><ac:parameter ac:name="">Haddad 05</ac:parameter></ac:structured-macro>
[Haddad 05] Haddad, Ibrahim. "Secure Coding in C and C++: An interview with Robert Seacord, senior vulnerability analyst at CERT." Linux World Magazine, November, 2005.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="fb2663a3-8cb6-4391-b7b6-8fe7e7a515a0"><ac:parameter ac:name="">Hatton 94</ac:parameter></ac:structured-macro>
[Hatton 95] Hatton, Les. Safer C: Developing Software for High-Integrity and Safety-Critical Systems. New York, NY: McGraw-Hill Book Company, 1995 (ISBN 0-07-707640-0).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="65068621-a2e4-4b36-b956-b8834daf3ba6"><ac:parameter ac:name="">ilja 06</ac:parameter></ac:structured-macro>
[ilja 06] ilja. "readlink abuse." ilja's blog, August 13, 2006.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="227451b8-2dea-4232-ab4a-f1a3aae04678"><ac:parameter ac:name="">ISO/IEC 9899-1999</ac:parameter></ac:structured-macro>
[ISO/IEC 9899-1999] ISO/IEC 9899-1999. Programming Languages — C, Second Edition, 1999.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="63c924b6-ee1e-4fdf-b476-7ab8a4195386"><ac:parameter ac:name="">ISO/IEC TR 24731-2006</ac:parameter></ac:structured-macro>
[ISO/IEC TR 24731-2006] ISO/IEC TR 24731. Extensions to the C Library, — Part I: Bounds-checking interfaces. April, 2006.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="2e97ecfc-4bb2-42a7-af1f-b8628d66fe6b"><ac:parameter ac:name="">Kerrighan 88</ac:parameter></ac:structured-macro>
[Kerrighan 88] Kerrighan, B. W. & Ritchie, D. M. The C Programming Language, 2nd ed. Englewood Cliffs, NJ: Prentice-Hall, 1988.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="3d36ecee-aad8-4781-8b62-16cc528e8370"><ac:parameter ac:name="">Klein 02</ac:parameter></ac:structured-macro>
[Klein 02] Klein, Jack. Bullet Proof Integer Input Using strtol() (2002).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="71c0a158-d096-4642-9c3b-d8df8143dd59"><ac:parameter ac:name="">mercy</ac:parameter></ac:structured-macro>
[mercy] mercy. Exploiting Uninitialized Data (January 2006).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f37566fc-89dc-4f62-b64d-d2d887511cfc"><ac:parameter ac:name="">MISRA 04</ac:parameter></ac:structured-macro>
[MISRA 04] MIRA Limited. "MISRA C: 2004 Guidelines for the Use of the C Language in Critical Systems." Warwickshire, UK: MIRA Limited, October 2004 (ISBN 095241564X).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f8685bb0-8f71-435a-b513-1f9a6a75f042"><ac:parameter ac:name="">NASA-GB-1740.13</ac:parameter></ac:structured-macro>
[NASA-GB-1740.13] NASA-GB-1740.13. NASA Guidebook for Safety Critical Software Analysis and Development. http://pbma.nasa.gov/docs/public/pbma/general/guidbook.doc

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="37784e3f-629c-4d4e-85a7-f341b278bcab"><ac:parameter ac:name="">NIST 06</ac:parameter></ac:structured-macro>
[NIST 06] NIST. SAMATE Reference Dataset (SRD).See http://samate.nist.gov/SRD/srdFiles/

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="9b8c2424-4775-45d9-a89c-4b4aee6bb396"><ac:parameter ac:name="">Open Group 97</ac:parameter></ac:structured-macro>
[Open Group 97] The Open Group. The Single UNIX ® Specification, Version 2 (1997).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="90c44245-1ad1-4e83-abac-ec13873b80d8"><ac:parameter ac:name="">Open Group 04a</ac:parameter></ac:structured-macro>
[Open Group 04a] The Open Group. "readlink." The Open Group Base Specifications Issue 6, IEEE Std 1003.1, 2004 Edition (2004).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="0d029fea-8808-4f54-bec8-b2b7c40abebd"><ac:parameter ac:name="">Open Group 04b</ac:parameter></ac:structured-macro>
[Open Group 04b] The Open Group. "realpath." The Open Group Base Specifications Issue 6, IEEE Std 1003.1, 2004 Edition_ (2004).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="1e30f0cd-5297-4af2-871c-e09b781fb685"><ac:parameter ac:name="">Plum 89</ac:parameter></ac:structured-macro>
[Plum 89] Plum, Thomas. C Programming Guidelines. Plum Hall; 2nd edition (June 1989). ISBN: 0911537074.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="2736feec-2be7-4164-aa77-647a6e5563a1"><ac:parameter ac:name="">Plum 91</ac:parameter></ac:structured-macro>
[Plum 91] Thomas Plum, Dan Saks. C++ Programming Guidelines. Plum Hall (November 1991). ISBN: 0911537104

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ba1b5a4b-9e74-4da9-be01-618c11a59557"><ac:parameter ac:name="">Seacord 05</ac:parameter></ac:structured-macro> <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="13d26f1e-f41b-42f1-bb9d-bcf529b865b5"><ac:parameter ac:name="">Seacord 05a</ac:parameter></ac:structured-macro>
[Seacord 05a] Seacord, R. Secure Coding in C and C++. Addison-Wesley, 2005. See http://www.cert.org/books/secure-coding for news and errata.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="99a73769-5e6a-4cbe-bc24-a4fe8a64d42c"><ac:parameter ac:name="">Seacord 05b</ac:parameter></ac:structured-macro>
[Seacord 05b] Seacord, R. Managed String Library for C. C/C++ Users Journal. Vol. 23, No. 10. Pages 30-34. October 2005.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6960f01f-4526-43b7-9114-d69b966b8df5"><ac:parameter ac:name="">Summit 95</ac:parameter></ac:structured-macro>
[Summit 95] Summit, Steve. C Programming FAQs: Frequently Asked Questions. Boston, MA: Addison-Wesley, 1995 (ISBN 0201845199).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b7befb6c-addf-4ebc-856b-18fce61e8d34"><ac:parameter ac:name="">Summit 05</ac:parameter></ac:structured-macro>
[Summit 05] Summit, Steve. comp.lang.c Frequently Asked Questions. http://c-faq.com/ (2005).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="dd5231d3-95c3-4b28-a2bd-11bff06a0e50"><ac:parameter ac:name="">Viega 03</ac:parameter></ac:structured-macro>
[Viega 03] Viega, John & Messier, Matt. Secure Programming Cookbook for C and C++: Recipes for Cryptography, Authentication, Networking, Input Validation & More. Sebastopol, CA: O'Reilly, 2003 (ISBN 0-596-00394-3).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="a1a459ce-f69e-4a6e-9437-5cbcd24997bf"><ac:parameter ac:name="">Warren 02</ac:parameter></ac:structured-macro>
[Warren 02] Henry S. Warren. Hacker's Delight. Addison Wesley Professional. July, 2002. ISBN: 0201914654.

  • No labels