SEI CERT C Coding Standard

Space shortcuts

Page tree

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 35 Next »

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="a9343393-1b96-4f3d-819f-8fd53599794e"><ac:parameter ac:name="">Burch 06</ac:parameter></ac:structured-macro>
[Burch 06] Burch, H.; Long, F.; & Seacord, R. Specifications for Managed Strings (CMU/SEI-2006-TR-006). Pittsburgh, PA: Software Engineering Institute, Carnegie Mellon University, 2006.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="0f573ee0-1ea2-4bfe-b511-898291fc15f0"><ac:parameter ac:name="">CERT 06</ac:parameter></ac:structured-macro>
[CERT 06] CERT. Managed String Library (2006).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e49c4fe3-6a94-4ce3-9b7d-ddc7acbc6fef"><ac:parameter ac:name="">Dewhurst 02</ac:parameter></ac:structured-macro>
[Dewhurst 02] Dewhurst, Stephen C. C++ Gotchas: Avoiding Common Problems in Coding and Design. Boston, MA: Addison-Wesley Professional, 2002.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="fd2d9c3b-7063-4749-8eb3-7769f160c618"><ac:parameter ac:name="">FSF 05</ac:parameter></ac:structured-macro>
[FSF 05] Free Software Foundation. GCC online documentation. (2005).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="50dc949a-953b-459e-af2c-c25e3ee520b9"><ac:parameter ac:name="">Graf 03</ac:parameter></ac:structured-macro>
[Graff 03] Graff, Mark G. & Van Wyk, Kenneth R. Secure Coding: Principles and Practices. Cambridge, MA: O'Reilly, 2003 (ISBN 0596002424).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e3cfa4cc-d5e4-460f-999d-fe32dca55be1"><ac:parameter ac:name="">Griffiths 06</ac:parameter></ac:structured-macro>
[Griffiths 06] Griffiths, Andrew. "Clutching at straws: When you can shift the stack pointer." 

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="fd61ce5d-5cbe-49c9-85e4-d487bf2edb03"><ac:parameter ac:name="">Haddad 05</ac:parameter></ac:structured-macro>
[Haddad 05] Haddad, Ibrahim. "Secure Coding in C and C++: An interview with Robert Seacord, senior vulnerability analyst at CERT." Linux World Magazine, November, 2005.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e077dbaf-256c-4ba3-a87b-ae2481a34cf3"><ac:parameter ac:name="">Hatton 95</ac:parameter></ac:structured-macro>
[Hatton 95] Hatton, Les. Safer C: Developing Software for High-Integrity and Safety-Critical Systems. New York, NY: McGraw-Hill Book Company, 1995 (ISBN 0-07-707640-0).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="592c0328-05fc-49ed-97cc-f571c52350a3"><ac:parameter ac:name="">ilja 06</ac:parameter></ac:structured-macro>
[ilja 06] ilja. "readlink abuse." ilja's blog, August 13, 2006.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="84ae1cc4-42cc-46f4-90b9-1ce4935a9ce2"><ac:parameter ac:name="">ISO/IEC 9899-1999</ac:parameter></ac:structured-macro>
[ISO/IEC 9899-1999] ISO/IEC 9899-1999. Programming Languages — C, Second Edition, 1999.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="7f7c5093-3aaf-4286-a9ea-8316bdb5ccbf"><ac:parameter ac:name="">ISO/IEC TR 24731-2006</ac:parameter></ac:structured-macro>
[ISO/IEC TR 24731-2006] ISO/IEC TR 24731. Extensions to the C Library, — Part I: Bounds-checking interfaces. April, 2006.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="00398924-0d54-4b8a-a27a-1f7f521f69cd"><ac:parameter ac:name="">Kerrighan 88</ac:parameter></ac:structured-macro>
[Kerrighan 88] Kerrighan, B. W. & Ritchie, D. M. The C Programming Language, 2nd ed. Englewood Cliffs, NJ: Prentice-Hall, 1988.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="4855899a-be2d-449c-918c-89b025229145"><ac:parameter ac:name="">Kettle 03</ac:parameter></ac:structured-macro>
[Kettlewell 03] Kettlewell, Richard. Inline Functions In C (March 2003).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="c364f257-4d5c-45f5-8cd1-1b90e6d3c6c8"><ac:parameter ac:name="">Klein 02</ac:parameter></ac:structured-macro>
[Klein 02] Klein, Jack. Bullet Proof Integer Input Using strtol() (2002).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d6f1cde0-6d62-4271-875f-0b37b0bc795b"><ac:parameter ac:name="">mercy</ac:parameter></ac:structured-macro>
[mercy] mercy. Exploiting Uninitialized Data (January 2006).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="3589355d-ae9e-46d3-a766-60279fed0359"><ac:parameter ac:name="">MISRA 04</ac:parameter></ac:structured-macro>
[MISRA 04] MIRA Limited. "MISRA C: 2004 Guidelines for the Use of the C Language in Critical Systems." Warwickshire, UK: MIRA Limited, October 2004 (ISBN 095241564X).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="0aadd0a7-fbb6-4d6f-ae32-d0dc5b116d46"><ac:parameter ac:name="">MSDN 01</ac:parameter></ac:structured-macro>
[MSDN 01] Microsoft. The MSDN Library File Management Functions. (2006).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f56965ff-506a-44eb-ad2a-cc3946bc2bb8"><ac:parameter ac:name="">NASA-GB-1740.13</ac:parameter></ac:structured-macro>
[NASA-GB-1740.13] NASA Glenn Research Center, Office of Safety Assurance Technologies. NASA Software Safety Guidebook (NASA-GB-1740.13).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="797fd839-c2c8-4dce-9c68-14af78d31492"><ac:parameter ac:name="">NIST 06</ac:parameter></ac:structured-macro>
[NIST 06] NIST. SAMATE Reference Dataset (2006).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b229ccc4-0340-4f9a-b674-3c71fb96a77b"><ac:parameter ac:name="">Open Group 97</ac:parameter></ac:structured-macro>
[Open Group 97] The Open Group. The Single UNIX ® Specification, Version 2 (1997).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="a8642a0f-8a5e-4654-8334-b19cddaa3624"><ac:parameter ac:name="">Open Group 04a</ac:parameter></ac:structured-macro>
[Open Group 04a] The Open Group. "readlink." The Open Group Base Specifications Issue 6, IEEE Std 1003.1, 2004 Edition (2004).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="1757a2db-1fb8-4007-a8b7-fb26c13a4999"><ac:parameter ac:name="">Open Group 04b</ac:parameter></ac:structured-macro>
[Open Group 04b] The Open Group. "realpath." The Open Group Base Specifications Issue 6, IEEE Std 1003.1, 2004 Edition_ (2004).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="3edec813-c468-443f-b2f5-f2b984aaafcf"><ac:parameter ac:name="">Open Group 04c</ac:parameter></ac:structured-macro>
[Open Group 04c] The Open Group. "open." The Open Group Base Specifications Issue 6, IEEE Std 1003.1, 2004 Edition_ (2004).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="a2c58406-666c-4775-b45b-eac87ff9ebc1"><ac:parameter ac:name="">Plum 89</ac:parameter></ac:structured-macro>
[Plum 89] Plum, Thomas. C Programming Guidelines, 2nd ed. Kamuela, HI: Plum Hall, Inc., 1989 (ISBN 0911537074).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6f2c9884-e72f-44e4-82ee-450343689466"><ac:parameter ac:name="">Plum 91</ac:parameter></ac:structured-macro>
[Plum 91] Plum, Thomas. C++ Programming. Kamuela, HI: Plum Hall, Inc., 1991 (ISBN 0911537104).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e4724e77-95b5-4d20-8a37-babd2954a0dd"><ac:parameter ac:name="">Saks 99</ac:parameter></ac:structured-macro>
[Saks 99] Dan Saks. const T vs.T const. Embedded Systems Programming. Pg. 13-16. February 1999. http://www.dansaks.com/articles/1999-02%20const%20T%20vs%20T%20const.pdf

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="7290d729-02f2-415a-bb9f-3de46ffe77be"><ac:parameter ac:name="">Seacord 05</ac:parameter></ac:structured-macro> <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="eea950c4-cc4f-41af-8f73-d2928e084bc4"><ac:parameter ac:name="">Seacord 05a</ac:parameter></ac:structured-macro>
[Seacord 05a] Seacord, R. Secure Coding in C and C++. Boston, MA: Addison-Wesley, 2005. See http://www.cert.org/books/secure-coding for news and errata.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="1ce35c0e-942d-40f9-9fab-12977bfcc16a"><ac:parameter ac:name="">Seacord 05b</ac:parameter></ac:structured-macro>
[Seacord 05b] Seacord, R. "Managed String Library for C, C/C++." Users Journal 23, 10 (October 2005): 30-34.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f7b7379d-1e18-4345-ac5a-5c6a279efcf1"><ac:parameter ac:name="">Summit 95</ac:parameter></ac:structured-macro>
[Summit 95] Summit, Steve. C Programming FAQs: Frequently Asked Questions. Boston, MA: Addison-Wesley, 1995 (ISBN 0201845199).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="c69c9857-026a-40ca-9e9b-a455a9cfbea1"><ac:parameter ac:name="">Summit 05</ac:parameter></ac:structured-macro>
[Summit 05] Summit, Steve. comp.lang.c Frequently Asked Questions (2005).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="1a3a8aea-fb89-4529-b3f7-a9773fe95594"><ac:parameter ac:name="">Viega 03</ac:parameter></ac:structured-macro>
[Viega 03] Viega, John & Messier, Matt. Secure Programming Cookbook for C and C++: Recipes for Cryptography, Authentication, Networking, Input Validation & More. Sebastopol, CA: O'Reilly, 2003 (ISBN 0-596-00394-3).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6d3b98f7-ec73-4007-a086-fa31505e4b0f"><ac:parameter ac:name="">Warren 02</ac:parameter></ac:structured-macro>
[Warren 02] Warren, Henry S. Hacker's Delight. Boston, MA: Addison Wesley Professional. 2002 (ISBN 0201914654).

  • No labels