<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="36e9bd4f-1575-467f-a23a-a890558c9db1"><ac:parameter ac:name="">Burch 06</ac:parameter></ac:structured-macro>
[Burch 06] Hal Burch, Fred Long, Robert Seacord. Specifications for Managed Strings. May 2006. CMU/SEI-2006-TR-006.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6a90fa8c-0553-4a06-b3ee-3966483ef04b"><ac:parameter ac:name="">CERT 06</ac:parameter></ac:structured-macro>
[CERT 06] CERT. Managed String Library
(2006).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="8833b341-a51d-4b53-b97a-7f1a2c5f71f9"><ac:parameter ac:name="">Graf 03</ac:parameter></ac:structured-macro>
[Graf 03] Secure Coding: Principles and Practices. O'Reilly, July 2003. ISBN 0596002424.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="313fa2d5-f762-4af5-91c4-d6ea44458fef"><ac:parameter ac:name="">Haddad 05</ac:parameter></ac:structured-macro>
[Haddad 05] Haddad, Ibrahim. "Secure Coding in C and C++: An interview with Robert Seacord, senior vulnerability analyst at CERT." Linux World Magazine, November, 2005.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="1377e62c-19f2-45d5-a24d-0bd542d9ff50"><ac:parameter ac:name="">Hatton 94</ac:parameter></ac:structured-macro>
[Hatton 04] Safer C: Developing Software for High-integrity and Safety-critical Systems. McGraw-Hill Book Company. ISBN 0-07-707640-0.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="c4216cd1-3b94-44ea-8328-9b731c4dfda7"><ac:parameter ac:name="">ilja 06</ac:parameter></ac:structured-macro>
[ilja 06] ilja. "readlink abuse." ilja's blog, August 13, 2006.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="3cdd1782-3569-4f4d-8dce-4a61ea7b5479"><ac:parameter ac:name="">ISO/IEC 9899-1999</ac:parameter></ac:structured-macro>
[ISO/IEC 9899-1999] ISO/IEC 9899-1999. Programming Languages — C, Second Edition, 1999.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d4ef327e-5428-443a-b23f-0d84e76db13a"><ac:parameter ac:name="">ISO/IEC TR 24731-2006</ac:parameter></ac:structured-macro>
[ISO/IEC TR 24731-2006] ISO/IEC TR 24731. Extensions to the C Library, — Part I: Bounds-checking interfaces. April, 2006.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b1e70815-9e81-4f71-92b4-5013e359985a"><ac:parameter ac:name="">Kerrighan 88</ac:parameter></ac:structured-macro>
[Kerrighan 88] Kerrighan B. W., and D. M. Ritchie. The C Programming Language. 2nd ed. Englewood Cliffs, NJ: Prentice-Hall, 1988.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="cc220537-c5c1-4738-894e-887dc4c8de47"><ac:parameter ac:name="">Klein 02</ac:parameter></ac:structured-macro>
[Klein 02] Klein, Jack. Bullet Proof Integer Input Using strtol(). http://home.att.net/~jackklein/c/code/strtol.html (2002).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="c1e5111f-a8ac-4588-8504-901c82c5ba89"><ac:parameter ac:name="">mercy</ac:parameter></ac:structured-macro>
[mercy] mercy. Exploiting Uninitialized Data. http://www.felinemenace.org/papers/UBehavior.zip (January 2006).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b2f2e416-549f-4bcd-90c3-4213ce00918b"><ac:parameter ac:name="">MISRA 04</ac:parameter></ac:structured-macro>
[MISRA 04] MISRA C: 2004 Guidelines for the use of the C language in critical systems. MIRA Limited. Warwickshire, UK. October 2004. ISBN 0 9524156 4
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ca147625-9ae2-49be-b7d1-17bf827e9f69"><ac:parameter ac:name="">NASA-GB-1740.13</ac:parameter></ac:structured-macro>
[NASA-GB-1740.13] NASA-GB-1740.13. NASA Guidebook for Safety Critical Software Analysis and Development. http://pbma.nasa.gov/docs/public/pbma/general/guidbook.doc
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="32031735-67c5-498f-96b5-2aac776d5922"><ac:parameter ac:name="">NIST 06</ac:parameter></ac:structured-macro>
[NIST 06] NIST. SAMATE Reference Dataset (SRD).See http://samate.nist.gov/SRD/srdFiles/
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="da414c7d-d30c-4ecd-9890-05a553831e3e"><ac:parameter ac:name="">Open Group 97</ac:parameter></ac:structured-macro>
[Open Group 97] The Open Group. The Single UNIX ® Specification, Version 2 (1997).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="c6118464-f229-4807-a2a0-600f90e594f5"><ac:parameter ac:name="">Open Group 04a</ac:parameter></ac:structured-macro>
[Open Group 04a] The Open Group. "readlink." The Open Group Base Specifications Issue 6, IEEE Std 1003.1, 2004 Edition (2004).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="906f0856-703e-4944-9b8e-217933d041d0"><ac:parameter ac:name="">Open Group 04b</ac:parameter></ac:structured-macro>
[Open Group 04b] The Open Group. "realpath." The Open Group Base Specifications Issue 6, IEEE Std 1003.1, 2004 Edition_ (2004).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="25108651-250c-4908-b21d-32b67d4b4f18"><ac:parameter ac:name="">Plum 89</ac:parameter></ac:structured-macro>
[Plum 89] Plum, Thomas. C Programming Guidelines. Plum Hall; 2nd edition (June 1989). ISBN: 0911537074.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="8b37df13-4f0f-465e-bf85-5fefbe9cee83"><ac:parameter ac:name="">Plum 91</ac:parameter></ac:structured-macro>
[Plum 91] Thomas Plum, Dan Saks. C++ Programming Guidelines. Plum Hall (November 1991). ISBN: 0911537104
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="45cd4902-965e-4811-859e-e64e02c1b5f7"><ac:parameter ac:name="">Seacord 05</ac:parameter></ac:structured-macro> <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6b4c071d-8c17-44c9-9704-febdefd06e70"><ac:parameter ac:name="">Seacord 05a</ac:parameter></ac:structured-macro>
[Seacord 05a] Seacord, R. Secure Coding in C and C++. Addison-Wesley, 2005. See http://www.cert.org/books/secure-coding for news and errata.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="2c94ccf6-a214-45e2-aa9a-0026abe03aef"><ac:parameter ac:name="">Seacord 05b</ac:parameter></ac:structured-macro>
[Seacord 05b] Seacord, R. Managed String Library for C. C/C++ Users Journal. Vol. 23, No. 10. Pages 30-34. October 2005.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="4fd3a477-65fb-48d6-aa07-a074e96ab70d"><ac:parameter ac:name="">Summit 95</ac:parameter></ac:structured-macro>
[Summit 95] Summit, Steve. C Programming FAQs: Frequently Asked Questions. Boston, MA: Addison-Wesley, 1995 (ISBN 0201845199).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="864e9f40-dec8-4473-8f42-d7c157119e2c"><ac:parameter ac:name="">Summit 05</ac:parameter></ac:structured-macro>
[Summit 05] Summit, Steve. comp.lang.c Frequently Asked Questions. http://c-faq.com/ (2005).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="500ff42a-fbf7-4c52-98c9-4834bc04fe00"><ac:parameter ac:name="">Viega 03</ac:parameter></ac:structured-macro>
[Viega 03] Viega, John & Messier, Matt. Secure Programming Cookbook for C and C++: Recipes for Cryptography, Authentication, Networking, Input Validation & More. Sebastopol, CA: O'Reilly, 2003 (ISBN 0-596-00394-3).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="a91ac39e-1d35-4ab9-b41d-cd12fbb5d083"><ac:parameter ac:name="">Warren 02</ac:parameter></ac:structured-macro>
[Warren 02] Henry S. Warren. Hacker's Delight. Addison Wesley Professional. July, 2002. ISBN: 0201914654.