<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="3237635c-6926-4090-a7ec-e7a40147691e"><ac:parameter ac:name=""> asynchronous-safe</ac:parameter></ac:structured-macro>
asynchronous-safe [[GNU Pth]]
A function is asynchronous-safe, or asynchronous-signal safe, if it can be called safely and without side effects from within a signal handler context. That is, it must be able to be interrupted at any point and run linearly out of sequence without causing an inconsistent state. It must also function properly when global data might itself be in an inconsistent state. Some asynchronous-safe operations are listed here:
- call the
signal()function to reinstall a signal handler - unconditionally modify a
volatile sig_atomic_tvariable (as modification to this type is atomic) - call the
_Exit()function to immediately terminate program execution - invoke an asynchronous-safe function, as specified by your implementation
Few functions are asynchronous-safe. If a function performs any other operations, it is probably not asynchronous-safe.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b02fea39-c741-4495-963f-67879ef5d0bf"><ac:parameter ac:name=""> availability</ac:parameter></ac:structured-macro>
availability [[IEEE Std 610.12 1990]]
The degree to which a system or component is operational and accessible when required for use. Often expressed as a probability.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="4ed96353-3d0f-4817-81df-7d5cb181564f"><ac:parameter ac:name=""> basic exception safety</ac:parameter></ac:structured-macro>
basic exception safety [[Stroustrup 01]], [[Sutter 00]]
The basic exception safety guarantee is a property of an operation such that, if the operation terminates by raising an exception, it preserves program state invariants and prevents resource leaks. See also: exception safety, strong exception safety, no-throw guarantee.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d21747de-ab4b-4ff0-8681-1554e8a708df"><ac:parameter ac:name=""> conforming program</ac:parameter></ac:structured-macro>
conforming [[ISO/IEC 9899-1999]]
Conforming programs may depend upon nonportable features of a conforming implementation.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f5f48f86-8c5a-4c93-bf7d-e4246f5854c5"><ac:parameter ac:name=""> data race</ac:parameter></ac:structured-macro>
data race [ISO/IEC Document Number N3000 – Working Draft, Standard for Programming Language C++, November 2009]
The execution of a program contains a data race if it contains two conflicting actions in different threads, at least one of which is not atomic, and neither happens before the other. Any such data race results in undefined behavior.
denial-of-service attack
An attempt to make a computer resource unavailable to its intended users.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="a4ffd1d6-7a1c-4584-b691-5d55bca8a0ca"><ac:parameter ac:name=""> error tolerance</ac:parameter></ac:structured-macro>
error tolerance [[IEEE Std 610.12 1990]]
The ability of a system or component to continue normal operation despite the presence of erroneous inputs.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="8b4183a7-4c35-48fc-925d-cfeefd722a15"><ac:parameter ac:name=""> exception safety</ac:parameter></ac:structured-macro>
exception safety [[Stroustrup 01]]
An operation on an object is said to be exception safe if that operation leaves the object in a valid state when the operation is terminated by throwing an exception. See also: basic exception safety, strong exception safety, no-throw guarantee.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="007edd1d-b1fa-4aa3-873b-b3221ae8f332"><ac:parameter ac:name=""> exploit</ac:parameter></ac:structured-macro>
exploit [[Seacord 05a]]
An exploit is a piece of software or technique that takes advantage of a security vulnerability to violate an explicit or implicit security policy.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d7b09842-f6bd-4ebe-8ab6-e58f8f9ad9be"><ac:parameter ac:name=""> fail safe</ac:parameter></ac:structured-macro>
fail safe [[IEEE Std 610.12 1990]]
Pertaining to a system or component that automatically places itself in a safe operating mode in the event of a failure; for example, a traffic light that reverts to blinking red in all directions when normal operation fails.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="43412fc9-395a-45cc-8b26-bf4aa0527975"><ac:parameter ac:name=""> fail soft</ac:parameter></ac:structured-macro>
fail soft [[IEEE Std 610.12 1990]]
Pertaining to a system or component that continues to provide partial operational capability in the event of certain failures; for example, a traffic light that continues to alternate between red and green if the yellow light fails.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="11ee1447-83da-4dd9-bf7c-56011ee4fe8d"><ac:parameter ac:name=""> fault tolerance</ac:parameter></ac:structured-macro>
fault tolerance [[IEEE Std 610.12 1990]]
The ability of a system or component to continue normal operation despite the presence of hardware or software faults.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="544f17a6-fe22-48d3-9b1f-207b3c3ed36c"><ac:parameter ac:name=""> free store</ac:parameter></ac:structured-macro>
free store [[ISO/IEC 14882-2003]]
Storage managed by the C++ allocation and deallocation functions ::operator new(std::size_t), ::operator delete(void*), their array forms ::operator new[](std::size_t), ::operator delete[](void*), overloads of said functions on std::nothrow_t, any user-defined replacements for said functions, as well as any such functions defined as a member of a class. Storage in the free store is distinct from storage managed by the C functions calloc, free, malloc, and realloc.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ae0a5578-0a70-46fa-95cc-664a3b56ab9a"><ac:parameter ac:name=""> freestanding environment</ac:parameter></ac:structured-macro>
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ed4279b5-39bd-474f-bbbb-5070a2817ac1"><ac:parameter ac:name=""> freestanding implementation</ac:parameter></ac:structured-macro>
freestanding implementation [[ISO/IEC 14882-2003]]
A freestanding implementation is one in which execution may take place without the benefit of an operating system, and has an implementation-defined set of libraries that includes certain language-support libraries. Also referred to as freestanding environment.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b4f41577-c87e-4621-bb58-3eaf37ecf132"><ac:parameter ac:name=""> hosted environment</ac:parameter></ac:structured-macro>
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ce779804-d455-41da-bf25-5107c522e56f"><ac:parameter ac:name=""> hosted implementation</ac:parameter></ac:structured-macro>
hosted implementation [[ISO/IEC 14882-2003]]
An implementation that is not freestanding. Program startup occurs at main(), complex types are implemented, and all C++ standard library facilities are available. Also referred to as hosted environment.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="308232f7-e307-4db2-9b24-f1aa5fdb6bfa"><ac:parameter ac:name=""> implementation</ac:parameter></ac:structured-macro>
implementation [[ISO/IEC 9899-1999]]
Particular set of software, running in a particular translation environment under particular control options, that performs translation of programs for, and supports execution of functions in, a particular execution environment.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="c2f74358-9857-49f3-afaf-6774247db644"><ac:parameter ac:name=""> implementation-defined behavior</ac:parameter></ac:structured-macro>
implementation-defined behavior [[ISO/IEC 14882-2003]]
Behavior, for a well-formed program construct and correct data, that depends on the implementation and that each implementation shall document.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b0da60f9-82db-458e-bafc-0a9db618ce54"><ac:parameter ac:name=""> incomplete type</ac:parameter></ac:structured-macro>
incomplete type [[ISO/IEC 14882-2003]]
A type that describes objects but lacks information needed to determine their sizes.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="0209dc9b-1dcf-41f4-bce1-7958a34d2f17"><ac:parameter ac:name=""> indeterminate value</ac:parameter></ac:structured-macro>
indeterminate value [[ISO/IEC 9899-1999]]
Either an unspecified value or a trap representation.
invalid pointer
A pointer that is not a #valid pointer.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="2a5efcef-70d9-4aa5-bb30-332b23550fec"><ac:parameter ac:name=""> locale-specific behavior</ac:parameter></ac:structured-macro>
locale-specific behavior [[ISO/IEC 14882-2003]]
Behavior that depends on local conventions of nationality, culture, and language that each implementation documents.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="8cef115b-6fc3-4dc3-ab93-8c8fbe3b990d"><ac:parameter ac:name=""> lvalue</ac:parameter></ac:structured-macro>
lvalue [[ISO/IEC 9899-1999]]
An lvalue is an expression with an object type or an incomplete type other than void. The name "lvalue" comes originally from the assignment expression E1 = E2, in which the left operand E1 is required to be a (modifiable) lvalue. It is perhaps better considered as representing an object "locator value".
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="9d0317a7-97aa-4836-bfec-a3e01f218499"><ac:parameter ac:name=""> mitigation</ac:parameter></ac:structured-macro>
mitigation [[Seacord 05a]]
Mitigations are methods, techniques, processes, tools, or runtime libraries that can prevent or limit exploits against vulnerabilities.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="80b90a0b-379d-48f4-92ae-eddb58e86c5e"><ac:parameter ac:name=""> no-throw guarantee</ac:parameter></ac:structured-macro>
no-throw guarantee [[Sutter 00]]
The no-throw guarantee is a property of an operation such that it is guaranteed to complete successfully without raising or propagating an exception. See also: exception safety, basic exception safety, strong exception safety.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="0da39e92-1592-474f-b686-a8bb3e120e09"><ac:parameter ac:name="">one definition rule</ac:parameter></ac:structured-macro>
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="07d1060e-13d8-43a7-a45d-5db4e5bfc8b6"><ac:parameter ac:name="">odr</ac:parameter></ac:structured-macro>
one definition rule (ODR) [[ISO/IEC 14882-2003]]
A fundamental C++ rule that states that no translation unit shall contain more than one definition of any variable, function, class type, enumeration type or template.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6dbde164-eece-4d91-840e-7f3329257735"><ac:parameter ac:name=""> reentrant</ac:parameter></ac:structured-macro>
reentrant [[Dowd 06]]
A function is reentrant if multiple instances of the same function can run in the same address space concurrently without creating the potential for inconsistent states.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="15abc2ef-e684-4b2d-b6c1-e75bdc0a5411"><ac:parameter ac:name=""> reliability</ac:parameter></ac:structured-macro>
reliability [[IEEE Std 610.12 1990]]
The ability of a system or component to perform its required functions under stated conditions for a specified period of time.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="825cebec-d3e0-41a6-9efb-6856e69ea4b4"><ac:parameter ac:name=""> robustness</ac:parameter></ac:structured-macro>
robustness [[IEEE Std 610.12 1990]]
The degree to which a system or component can function correctly in the presence of invalid inputs or stressful environmental conditions.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="1b11b773-6cab-42f4-b520-7b5c257c4302"><ac:parameter ac:name=""> rvalue</ac:parameter></ac:structured-macro>
rvalue [[ISO/IEC 9899-1999]]
Value of an expression.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="582df64c-2bb6-486f-8cfc-c3a8a6cf59c5"><ac:parameter ac:name=""> security flaw</ac:parameter></ac:structured-macro>
security flaw [[Seacord 05a]]
A security flaw is a software defect that poses a potential security risk.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="85145dd7-e98c-49ee-ab82-07f1080f3df5"><ac:parameter ac:name=""> security policy</ac:parameter></ac:structured-macro>
security policy [[Internet Society 00]]
A set of rules and practices that specify or regulate how a system or organization provides security services to protect sensitive and critical system resources.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="42336c73-a9f1-4743-9cb5-b9770ecd951c"><ac:parameter ac:name=""> sequence point</ac:parameter></ac:structured-macro>
sequence point C99 [[ISO/IEC 9899-1999]]
Evaluation of an expression may produce side effects. At specific points in the execution sequence called sequence points, all side effects of previous evaluations have completed, and no side effects of subsequent evaluations have yet taken place.
The following sequence points are defined by C99 [[ISO/IEC 9899-1999]]:
- the call to a function, after the arguments have been evaluated
- the end of the first operand of the following operators: && (logical AND); || (logical OR); ? (conditional); , (comma operator)
- the end of a full declarator
- the end of a full expression: an initializer; the expression in an expression statement (that is, at the semicolon); the controlling expression of a selection statement (if or switch); the controlling expression of a while or do statement; each of the expressions of a for statement; the expression in a return statement
- immediately before a function returns
- after the actions associated with each formatted input/output function conversion specifier
- immediately before and immediately after each call to a comparison function, by a standard searching or sorting function, and between any call to a comparison function and any movement of the objects passed as arguments to that call
Note that not all instances of a comma in C code denote a usage of the comma operator. For example, the comma between arguments in a function call is not a sequence point.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="bdec38ea-5184-49ee-bc7e-ce7d7ab589f6"><ac:parameter ac:name=""> strictly conforming</ac:parameter></ac:structured-macro>
strictly conforming [[ISO/IEC 9899-1999]]
A strictly conforming program is one that uses only those features of the language and library specified in the international standard. Strictly conforming programs are intended to be maximally portable among conforming implementations and can't, for example, depend upon implementation-defined behavior.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="fc3fdf4d-e152-4305-af82-71257e6a069e"><ac:parameter ac:name=""> strong exception safety</ac:parameter></ac:structured-macro>
strong exception safety [[Stroustrup 01]], [[Sutter 00]]
The strong exception safety guarantee is a property of an operation such that, in addition to satisfying the basic exception safety guarantee, if the operation terminates by raising an exception it has no observable effects on program state. See also: exception safety, basic exception safety, no-throw guarantee.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="faa5a33e-8274-4448-b0c8-7d432128cfbc"><ac:parameter ac:name="">trap representation</ac:parameter></ac:structured-macro>
trap representation [[ISO/IEC 9899-1999]]
Object representation that does not represent a value of the object type. Attempting to read the value of an object that has a trap representation other than by an expression that has a character type is undefined . Producing such a representation by a side effect that modifies all or any part of the object other than by an expression that has a character type is undefined.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="29b39314-6077-41d2-91cb-dd780a7cc8e1"><ac:parameter ac:name=""> undefined behavior</ac:parameter></ac:structured-macro>
undefined behavior [[ISO/IEC 14882-2003]]
Behavior, such as might arise upon use of an erroneous program construct or erroneous data, for which the C++ Standard imposes no requirements. Undefined behavior may also be expected when the C++ Standard omits the description of any explicit definition of behavior.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="4b28cf66-db82-4aa6-9a2a-18c5159a0661"><ac:parameter ac:name=""> unspecified behavior</ac:parameter></ac:structured-macro>
unspecified behavior [[ISO/IEC 14882-2003]]
Behavior, for a well-formed program construct and correct data, that depends on the implementation. The implementation is not required to document which behavior occurs.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="235f30a6-8045-43e9-800b-4bf34ca44ac1"><ac:parameter ac:name=""> unspecified value</ac:parameter></ac:structured-macro>
unspecified value [[ISO/IEC 9899-1999]]
A valid value of the relevant type where the C++ Standard imposes no requirements on which value is chosen in any instance. An unspecified value cannot be a trap representation.
valid pointer
A pointer that refers to an element within an array or one past the last element of an array. For the purposes of this definition, a pointer to an object that is not an element of an array behaves the same as a pointer to the first element of an array of length one with the type of the object as its element type. (Cf 6.5.8p3)
For the purposes of this definition, an object can be considered to be an array of a certain number of bytes; that number is the size of the object, as produced by the sizeof operator.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="c90f192f-760a-4446-b82f-4d1c07c48917"><ac:parameter ac:name=""> validation</ac:parameter></ac:structured-macro>
validation [[IEC 61508-4]]
Confirmation by examination and provision of objective evidence that the particular requirements for a specific intended use are fulfilled.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="987e738e-13d4-4760-a53d-05ccdb6eb858"><ac:parameter ac:name=""> verification</ac:parameter></ac:structured-macro>
verification [[IEC 61508-4]]
Confirmation by examination and provision of objective evidence that the requirements have been fulfilled.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="27cdcef2-af8f-4986-b6cd-853ef3b834b3"><ac:parameter ac:name=""> vulnerability</ac:parameter></ac:structured-macro>
vulnerability [[Seacord 05a]]
A vulnerability is a set of conditions that allows an attacker to violate an explicit or implicit security policy.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="a59eaefa-4302-4a81-ad33-20c3970c4def"><ac:parameter ac:name="">well-formed program</ac:parameter></ac:structured-macro>
well-formed program [[ISO/IEC 14882-2003]]
A C++ program constructed according to the syntax rules, diagnosable semantic rules, and the One Definition Rule.