SEI CERT C Coding Standard

Space shortcuts

Page tree

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 22 Next »

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f5025c66-d596-46df-9867-9e63a686d18d"><ac:parameter ac:name="">Burch 06</ac:parameter></ac:structured-macro>
[Burch 06] Hal Burch, Fred Long, Robert Seacord. Specifications for Managed Strings. May 2006. CMU/SEI-2006-TR-006.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="69146f49-4927-4e40-ba22-1afd2eeb31cd"><ac:parameter ac:name="">CERT 06</ac:parameter></ac:structured-macro>
[CERT 06] CERT. Managed String Library (2006).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b0777b70-73bf-4ecf-908a-96d5b1f97293"><ac:parameter ac:name="">Graf 03</ac:parameter></ac:structured-macro>
[Graf 03] Secure Coding: Principles and Practices. O'Reilly, July 2003. ISBN 0596002424.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e1c92cdc-dc4e-4ec2-90ad-9dddcbeb82cb"><ac:parameter ac:name="">Haddad 05</ac:parameter></ac:structured-macro>
[Haddad 05] Haddad, Ibrahim. "Secure Coding in C and C++: An interview with Robert Seacord, senior vulnerability analyst at CERT." Linux World Magazine, November, 2005.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="7cf741c0-2008-48fd-a0b2-e1bfa67e25cc"><ac:parameter ac:name="">Hatton 94</ac:parameter></ac:structured-macro>
[Hatton 04] Safer C: Developing Software for High-integrity and Safety-critical Systems. McGraw-Hill Book Company. ISBN 0-07-707640-0.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="fc882e09-0b19-444e-a4ee-479969d3dd1b"><ac:parameter ac:name="">ilja 06</ac:parameter></ac:structured-macro>
[ilja 06] ilja. "readlink abuse." ilja's blog, August 13, 2006.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f97b442c-a65b-4d06-9399-1de51a00575c"><ac:parameter ac:name="">ISO/IEC 9899-1999</ac:parameter></ac:structured-macro>
[ISO/IEC 9899-1999] ISO/IEC 9899-1999. Programming Languages — C, Second Edition, 1999.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="42712f84-db21-47bd-a431-8fdd266d5b5f"><ac:parameter ac:name="">ISO/IEC TR 24731-2006</ac:parameter></ac:structured-macro>
[ISO/IEC TR 24731-2006] ISO/IEC TR 24731. Extensions to the C Library, — Part I: Bounds-checking interfaces. April, 2006.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="45ddc4a7-dde1-452d-809e-cf62bd785d76"><ac:parameter ac:name="">Kerrighan 88</ac:parameter></ac:structured-macro>
[Kerrighan 88] Kerrighan B. W., and D. M. Ritchie. The C Programming Language. 2nd ed. Englewood Cliffs, NJ: Prentice-Hall, 1988.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="5ead2366-0e9b-4c0e-83b4-68b0f2fd9973"><ac:parameter ac:name="">Klein 02</ac:parameter></ac:structured-macro>
[Klein 02] Klein, Jack. Bullet Proof Integer Input Using strtol(). http://home.att.net/~jackklein/c/code/strtol.html (2002).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="a215e90f-e185-476a-b3d8-f9d34532d44a"><ac:parameter ac:name="">mercy</ac:parameter></ac:structured-macro>
[mercy] mercy. Exploiting Uninitialized Data. http://www.felinemenace.org/papers/UBehavior.zip (January 2006).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6236a4a3-2709-4296-a5f5-5c61ca182589"><ac:parameter ac:name="">MISRA 04</ac:parameter></ac:structured-macro>
[MISRA 04] MISRA C: 2004 Guidelines for the use of the C language in critical systems. MIRA Limited. Warwickshire, UK. October 2004. ISBN 0 9524156 4

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="feccf1dd-2d87-46c3-bf8e-6c555a0fdb07"><ac:parameter ac:name="">NASA-GB-1740.13</ac:parameter></ac:structured-macro>
[NASA-GB-1740.13] NASA-GB-1740.13. NASA Guidebook for Safety Critical Software Analysis and Development. http://pbma.nasa.gov/docs/public/pbma/general/guidbook.doc

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="c6690811-066f-4edd-a15f-ff3dfdbde95e"><ac:parameter ac:name="">NIST 06</ac:parameter></ac:structured-macro>
[NIST 06] NIST. SAMATE Reference Dataset (SRD).See http://samate.nist.gov/SRD/srdFiles/

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="53eccb21-678c-4877-b73a-21b3038a30c3"><ac:parameter ac:name="">Open Group 97</ac:parameter></ac:structured-macro>
[Open Group 97] The Open Group. The Single UNIX ® Specification, Version 2 (1997).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f3afcc45-77d2-4098-8532-8b649c85bdce"><ac:parameter ac:name="">Open Group 04a</ac:parameter></ac:structured-macro>
[Open Group 04a] The Open Group. "readlink." The Open Group Base Specifications Issue 6, IEEE Std 1003.1, 2004 Edition (2004).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="5c291af2-1b9b-4624-826a-a0b11619969d"><ac:parameter ac:name="">Plum 89</ac:parameter></ac:structured-macro>
[Plum 89] Plum, Thomas. C Programming Guidelines. Plum Hall; 2nd edition (June 1989). ISBN: 0911537074.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="cb57aed8-cf92-484a-ac38-d2227756fb2b"><ac:parameter ac:name="">Plum 91</ac:parameter></ac:structured-macro>
[Plum 91] Thomas Plum, Dan Saks. C++ Programming Guidelines. Plum Hall (November 1991). ISBN: 0911537104

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="1f51f883-02f1-4e06-ad80-2b589de068a5"><ac:parameter ac:name="">Seacord 05</ac:parameter></ac:structured-macro> <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="2165a971-e275-4bb7-81ad-7dd517c83d51"><ac:parameter ac:name="">Seacord 05a</ac:parameter></ac:structured-macro>
[Seacord 05a] Seacord, R. Secure Coding in C and C++. Addison-Wesley, 2005. See http://www.cert.org/books/secure-coding for news and errata.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ca8e10a0-e0b5-4330-8644-49c11441fcd3"><ac:parameter ac:name="">Seacord 05b</ac:parameter></ac:structured-macro>
[Seacord 05b] Seacord, R. Managed String Library for C. C/C++ Users Journal. Vol. 23, No. 10. Pages 30-34. October 2005.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6f31c876-2b05-494c-97fc-91994fb78d78"><ac:parameter ac:name="">Summit 95</ac:parameter></ac:structured-macro>
[Summit 95] Summit, Steve. C Programming FAQs: Frequently Asked Questions. Boston, MA: Addison-Wesley, 1995 (ISBN 0201845199).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d930f1b7-606b-49d0-bae9-5a8a5c8822d7"><ac:parameter ac:name="">Summit 05</ac:parameter></ac:structured-macro>
[Summit 05] Summit, Steve. comp.lang.c Frequently Asked Questions. http://c-faq.com/ (2005).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="85b7fe9a-8420-405e-bb9c-4ee05463c62c"><ac:parameter ac:name="">Viega 03</ac:parameter></ac:structured-macro>
[Viega 03] Viega, John & Messier, Matt. Secure Programming Cookbook for C and C++: Recipes for Cryptography, Authentication, Networking, Input Validation & More. Sebastopol, CA: O'Reilly, 2003 (ISBN 0-596-00394-3).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="42b69db1-e6eb-48c5-9850-9e072071f41a"><ac:parameter ac:name="">Warren 02</ac:parameter></ac:structured-macro>
[Warren 02] Henry S. Warren. Hacker's Delight. Addison Wesley Professional. July, 2002. ISBN: 0201914654.

  • No labels