SEI CERT C Coding Standard

Space shortcuts

Page tree

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 21 Next »

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ad1ccc90-49b4-4ff1-9c46-6f44d8830af1"><ac:parameter ac:name="">Burch 06</ac:parameter></ac:structured-macro>
[Burch 06] Hal Burch, Fred Long, Robert Seacord. Specifications for Managed Strings. May 2006. CMU/SEI-2006-TR-006.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="099d89d6-e8bd-4f7f-9041-97d3b07fd8c4"><ac:parameter ac:name="">CERT 06</ac:parameter></ac:structured-macro>
[CERT 06] CERT. Managed String Library (2006).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="80f372fc-cfe7-42dc-b383-3c6461fd8881"><ac:parameter ac:name="">Graf 03</ac:parameter></ac:structured-macro>
[Graf 03] Secure Coding: Principles and Practices. O'Reilly, July 2003. ISBN 0596002424.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="83324209-d8dd-4cf0-8216-38f760828994"><ac:parameter ac:name="">Haddad 05</ac:parameter></ac:structured-macro>
[Haddad 05] Haddad, Ibrahim. "Secure Coding in C and C++: An interview with Robert Seacord, senior vulnerability analyst at CERT." Linux World Magazine, November, 2005.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="0d5ea436-e3be-4bac-8c40-9d97f9f04d59"><ac:parameter ac:name="">Hatton 94</ac:parameter></ac:structured-macro>
[Hatton 04] Safer C: Developing Software for High-integrity and Safety-critical Systems. McGraw-Hill Book Company. ISBN 0-07-707640-0.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="09ad3334-9d35-4c99-8c3e-db79b344b685"><ac:parameter ac:name="">ilja 06</ac:parameter></ac:structured-macro>
[ilja 06] ilja. "readlink abuse." ilja's blog, August 13, 2006.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d7ffec02-49d0-49e4-8750-7496c840a14a"><ac:parameter ac:name="">ISO/IEC 9899-1999</ac:parameter></ac:structured-macro>
[ISO/IEC 9899-1999] ISO/IEC 9899-1999. Programming Languages — C, Second Edition, 1999.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="a32abf42-5eb2-4750-be51-3a86cea649ad"><ac:parameter ac:name="">ISO/IEC TR 24731-2006</ac:parameter></ac:structured-macro>
[ISO/IEC TR 24731-2006] ISO/IEC TR 24731. Extensions to the C Library, — Part I: Bounds-checking interfaces. April, 2006.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="750de55e-5db4-4ab1-88e1-67c72156fc2f"><ac:parameter ac:name="">Kerrighan 88</ac:parameter></ac:structured-macro>
[Kerrighan 88] Kerrighan B. W., and D. M. Ritchie. The C Programming Language. 2nd ed. Englewood Cliffs, NJ: Prentice-Hall, 1988.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6988d265-3706-4e95-8d10-74ae8806aef3"><ac:parameter ac:name="">Klein 02</ac:parameter></ac:structured-macro>
[Klein 02] Klein, Jack. Bullet Proof Integer Input Using strtol(). http://home.att.net/~jackklein/c/code/strtol.html (2002).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="1a1d7b64-8d88-4324-a72c-1e546ec43331"><ac:parameter ac:name="">mercy</ac:parameter></ac:structured-macro>
[mercy] mercy. Exploiting Uninitialized Data. http://www.felinemenace.org/papers/UBehavior.zip (January 2006).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="316d7979-fab5-4af7-8e02-7349ab140928"><ac:parameter ac:name="">MISRA 04</ac:parameter></ac:structured-macro>
[MISRA 04] MISRA C: 2004 Guidelines for the use of the C language in critical systems. MIRA Limited. Warwickshire, UK. October 2004. ISBN 0 9524156 4

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="5e04b89c-2cd7-45ab-afd2-dd7a33f176a8"><ac:parameter ac:name="">NASA-GB-1740.13</ac:parameter></ac:structured-macro>
[NASA-GB-1740.13] NASA-GB-1740.13. NASA Guidebook for Safety Critical Software Analysis and Development. http://pbma.nasa.gov/docs/public/pbma/general/guidbook.doc

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f0ffe8bf-e156-4199-9ed2-4d1a041ead4c"><ac:parameter ac:name="">NIST 06</ac:parameter></ac:structured-macro>
[NIST 06] NIST. SAMATE Reference Dataset (SRD).See http://samate.nist.gov/SRD/srdFiles/

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="50c0b4e6-67db-4a9d-ac2d-ee3655604419"><ac:parameter ac:name="">Open Group 97</ac:parameter></ac:structured-macro>
[Open Group 97] The Open Group. The Single UNIX ® Specification, Version 2 (1997).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="55b77a84-973b-4d28-a346-8c024bdb6083"><ac:parameter ac:name="">Open Group 04</ac:parameter></ac:structured-macro>
[Open Group 04] The Open Group. The Open Group Base Specifications Issue 6, IEEE Std 1003.1, 2004 Edition (2004).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="964668da-a3e7-4158-8cd7-5d1cccb16a69"><ac:parameter ac:name="">Plum 89</ac:parameter></ac:structured-macro>
[Plum 89] Plum, Thomas. C Programming Guidelines. Plum Hall; 2nd edition (June 1989). ISBN: 0911537074.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d647c69f-af44-48c0-845d-78fe85a70551"><ac:parameter ac:name="">Plum 91</ac:parameter></ac:structured-macro>
[Plum 91] Thomas Plum, Dan Saks. C++ Programming Guidelines. Plum Hall (November 1991). ISBN: 0911537104

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="4c212861-2b35-4821-b609-4f2f54cd7a0b"><ac:parameter ac:name="">Seacord 05</ac:parameter></ac:structured-macro> <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="5f20d4d6-7943-4848-b5e5-10611c3442d8"><ac:parameter ac:name="">Seacord 05a</ac:parameter></ac:structured-macro>
[Seacord 05a] Seacord, R. Secure Coding in C and C++. Addison-Wesley, 2005. See http://www.cert.org/books/secure-coding for news and errata.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="725d9f33-cf4f-453e-891d-937008bad9ba"><ac:parameter ac:name="">Seacord 05b</ac:parameter></ac:structured-macro>
[Seacord 05b] Seacord, R. Managed String Library for C. C/C++ Users Journal. Vol. 23, No. 10. Pages 30-34. October 2005.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="307fb088-829c-4537-bac8-a968242c5f78"><ac:parameter ac:name="">Summit 95</ac:parameter></ac:structured-macro>
[Summit 95] Summit, Steve. C Programming FAQs: Frequently Asked Questions. Boston, MA: Addison-Wesley, 1995 (ISBN 0201845199).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="25b021ea-92fa-43d3-aea3-de4836bb7145"><ac:parameter ac:name="">Summit 05</ac:parameter></ac:structured-macro>
[Summit 05] Summit, Steve. comp.lang.c Frequently Asked Questions. http://c-faq.com/ (2005).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="251edff9-026c-48ed-bb35-cbb50ac92939"><ac:parameter ac:name="">Viega 03</ac:parameter></ac:structured-macro>
[Viega 03] Viega, John & Messier, Matt. Secure Programming Cookbook for C and C++: Recipes for Cryptography, Authentication, Networking, Input Validation & More. Sebastopol, CA: O'Reilly, 2003 (ISBN 0-596-00394-3).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="7cedae16-1780-460c-b84a-dc6da5d1ec58"><ac:parameter ac:name="">Warren 02</ac:parameter></ac:structured-macro>
[Warren 02] Henry S. Warren. Hacker's Delight. Addison Wesley Professional. July, 2002. ISBN: 0201914654.

  • No labels