<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="5932744d-f244-408f-b36e-3c21a88dc45d"><ac:parameter ac:name="">Burch 06</ac:parameter></ac:structured-macro>
[Burch 06] Burch, H.; Long, F.; & Seacord, R. Specifications for Managed Strings
(CMU/SEI-2006-TR-006). Pittsburgh, PA: Software Engineering Institute, Carnegie Mellon University, 2006.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="1003fc67-c696-47bb-98ee-2985ecbd682e"><ac:parameter ac:name="">CERT 06</ac:parameter></ac:structured-macro>
[CERT 06] CERT. Managed String Library (2006).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d7ce9a02-47b1-4f28-99e9-32211a5a2b26"><ac:parameter ac:name="">Graf 03</ac:parameter></ac:structured-macro>
[Graff 03] Graff, Mark G. & Van Wyk, Kenneth R. Secure Coding: Principles and Practices. Cambridge, MA: O'Reilly, 2003 (ISBN 0596002424).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="8d6838a0-07c4-4082-833f-eded6aa0e360"><ac:parameter ac:name="">Haddad 05</ac:parameter></ac:structured-macro>
[Haddad 05] Haddad, Ibrahim. "Secure Coding in C and C++: An interview with Robert Seacord, senior vulnerability analyst at CERT." Linux World Magazine, November, 2005.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b604e1e3-2e5b-479f-a9b3-35e8ec41559c"><ac:parameter ac:name="">Hatton 94</ac:parameter></ac:structured-macro>
[Hatton 95] Hatton, Les. Safer C: Developing Software for High-Integrity and Safety-Critical Systems. New York, NY: McGraw-Hill Book Company, 1995 (ISBN 0-07-707640-0).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="87eece4e-19b0-421b-b965-fde1cc3c1a6d"><ac:parameter ac:name="">ilja 06</ac:parameter></ac:structured-macro>
[ilja 06] ilja. "readlink abuse." ilja's blog, August 13, 2006.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="abc6f617-be5b-4a05-a08f-3b8cff3562fb"><ac:parameter ac:name="">ISO/IEC 9899-1999</ac:parameter></ac:structured-macro>
[ISO/IEC 9899-1999] ISO/IEC 9899-1999. Programming Languages — C, Second Edition, 1999.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="9f362768-a9d7-4c67-8bf3-81073c8b954d"><ac:parameter ac:name="">ISO/IEC TR 24731-2006</ac:parameter></ac:structured-macro>
[ISO/IEC TR 24731-2006] ISO/IEC TR 24731. Extensions to the C Library, — Part I: Bounds-checking interfaces. April, 2006.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="debd0b33-39c9-45cd-884f-c5456ec009ae"><ac:parameter ac:name="">Kerrighan 88</ac:parameter></ac:structured-macro>
[Kerrighan 88] Kerrighan, B. W. & Ritchie, D. M. The C Programming Language, 2nd ed. Englewood Cliffs, NJ: Prentice-Hall, 1988.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d0bf926c-b4bd-4ae7-b256-cc851aa1c38a"><ac:parameter ac:name="">Klein 02</ac:parameter></ac:structured-macro>
[Klein 02] Klein, Jack. Bullet Proof Integer Input Using strtol() (2002).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="c7ea8a09-9c19-4cd9-898e-3b70bfa6f428"><ac:parameter ac:name="">mercy</ac:parameter></ac:structured-macro>
[mercy] mercy. Exploiting Uninitialized Data (January 2006).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="97feab27-6398-43c7-9c8f-19124c859790"><ac:parameter ac:name="">MISRA 04</ac:parameter></ac:structured-macro>
[MISRA 04] MIRA Limited. "MISRA C: 2004 Guidelines for the Use of the C Language in Critical Systems." Warwickshire, UK: MIRA Limited, October 2004 (ISBN 095241564X).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="feaa6892-49e0-42af-8e70-391dfd93d011"><ac:parameter ac:name="">NASA-GB-1740.13</ac:parameter></ac:structured-macro>
[NASA-GB-1740.13] NASA-GB-1740.13. NASA Guidebook for Safety Critical Software Analysis and Development. http://pbma.nasa.gov/docs/public/pbma/general/guidbook.doc
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e003c14d-a8a7-489e-83d2-8a7f22e7da20"><ac:parameter ac:name="">NIST 06</ac:parameter></ac:structured-macro>
[NIST 06] NIST. SAMATE Reference Dataset (SRD).See http://samate.nist.gov/SRD/srdFiles/
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f1f44b51-69dc-46f0-8337-bd197741ade5"><ac:parameter ac:name="">Open Group 97</ac:parameter></ac:structured-macro>
[Open Group 97] The Open Group. The Single UNIX ® Specification, Version 2 (1997).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="87632f49-a6b3-4c45-9ccd-3849792587c8"><ac:parameter ac:name="">Open Group 04a</ac:parameter></ac:structured-macro>
[Open Group 04a] The Open Group. "readlink." The Open Group Base Specifications Issue 6, IEEE Std 1003.1, 2004 Edition (2004).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="88ebb5a1-14ce-4435-973f-6e4b41508edc"><ac:parameter ac:name="">Open Group 04b</ac:parameter></ac:structured-macro>
[Open Group 04b] The Open Group. "realpath." The Open Group Base Specifications Issue 6, IEEE Std 1003.1, 2004 Edition_ (2004).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d9f9d692-4d99-4c2f-9630-360a4eff5713"><ac:parameter ac:name="">Plum 89</ac:parameter></ac:structured-macro>
[Plum 89] Plum, Thomas. C Programming Guidelines. Plum Hall; 2nd edition (June 1989). ISBN: 0911537074.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d21b3e17-72ce-4e80-8058-ff098d3daf94"><ac:parameter ac:name="">Plum 91</ac:parameter></ac:structured-macro>
[Plum 91] Thomas Plum, Dan Saks. C++ Programming Guidelines. Plum Hall (November 1991). ISBN: 0911537104
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f76f980b-2b88-427b-8a53-97949e7ad6f7"><ac:parameter ac:name="">Seacord 05</ac:parameter></ac:structured-macro> <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="c858435d-907e-4fcb-8110-71835cb61ee8"><ac:parameter ac:name="">Seacord 05a</ac:parameter></ac:structured-macro>
[Seacord 05a] Seacord, R. Secure Coding in C and C++. Addison-Wesley, 2005. See http://www.cert.org/books/secure-coding for news and errata.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="7452f7f4-4a42-47df-975b-fc4f1089e609"><ac:parameter ac:name="">Seacord 05b</ac:parameter></ac:structured-macro>
[Seacord 05b] Seacord, R. Managed String Library for C. C/C++ Users Journal. Vol. 23, No. 10. Pages 30-34. October 2005.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f38c2f87-ad8e-4808-81c1-c2e319c852ae"><ac:parameter ac:name="">Summit 95</ac:parameter></ac:structured-macro>
[Summit 95] Summit, Steve. C Programming FAQs: Frequently Asked Questions. Boston, MA: Addison-Wesley, 1995 (ISBN 0201845199).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="c6c8d8c6-93ee-424a-9b20-27bcc1db9628"><ac:parameter ac:name="">Summit 05</ac:parameter></ac:structured-macro>
[Summit 05] Summit, Steve. comp.lang.c Frequently Asked Questions. http://c-faq.com/ (2005).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b6d0e179-bcb3-4cf6-9fda-e67fb6068dfa"><ac:parameter ac:name="">Viega 03</ac:parameter></ac:structured-macro>
[Viega 03] Viega, John & Messier, Matt. Secure Programming Cookbook for C and C++: Recipes for Cryptography, Authentication, Networking, Input Validation & More. Sebastopol, CA: O'Reilly, 2003 (ISBN 0-596-00394-3).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d69b6482-909d-4e00-84d3-00cf8dc82154"><ac:parameter ac:name="">Warren 02</ac:parameter></ac:structured-macro>
[Warren 02] Henry S. Warren. Hacker's Delight. Addison Wesley Professional. July, 2002. ISBN: 0201914654.