SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 19

changes.mady.by.user Pamela Curtis

Saved on

compared with

New Version 20

changes.mady.by.user Pamela Curtis

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b05db436714b5874-80e4913d-4a314509-a7aeb74f-52aaec152c80f4769d8db83f"><ac:parameter ac:name="">Burch 06</ac:parameter></ac:structured-macro>
\[Burch 06\] Hal Burch, Fred Long, Robert Seacord.  Specifications for Managed Strings. May 2006.  CMU/SEI-2006-TR-006.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="44222aec2e41c61a-9000f970-4cd34102-9dc19761-c6fde0d8c2e9dccc11b6e1b0"><ac:parameter ac:name="">CERT 06</ac:parameter></ac:structured-macro>
\[CERT 06\] CERT. [Managed String Library|http://www.cert.org/secure-coding/managedstring.html] (2006).

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="62de8704d40ad7d8-397be2a0-4e7e4924-bc6aba99-01ebbe53eab4462f241cdf48"><ac:parameter ac:name="">Graf 03</ac:parameter></ac:structured-macro>
\[Graf 03\] Secure Coding: Principles and Practices. O'Reilly, July 2003. ISBN 0596002424.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e71bd7e2-6b91-4bcf-8e66-b1a5de65ee2b"><ac:parameter ac:name="">Haddad 05</ac:parameter></ac:structured-macro>
\[Haddad 05\] Haddad, Ibrahim. "Secure Coding in C and C++: An interview with Robert Seacord, senior vulnerability analyst at CERT." _Linux World Magazine_, November, 2005.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="eb8257bf-4c21-4649-8f89-65c42fd18cee"ba20c274-1586-4e0c-a1be-f6b7b25f3fc0"><ac:parameter ac:name="">Hatton 94</ac:parameter></ac:structured-macro>
\[Hatton 04\] Safer C: Developing Software for High-integrity and Safety-critical Systems. McGraw-Hill Book Company. ISBN 0-07-707640-0.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="bd04f99532280a99-afcc4f16-459f416b-8c429dc9-894cba2848fafe4782a07f5a"><ac:parameter ac:name="">ISO/IEC 9899-1999</ac:parameter></ac:structured-macro>
\[ISO/IEC 9899-1999\] ISO/IEC 9899-1999. Programming Languages --- C, Second Edition, 1999.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="2d710b1410ac194f-86aaef2f-43bb4813-a06a9b1d-05ef2e2ebb9bbebdafd92bbe"><ac:parameter ac:name="">ISO/IEC TR 24731-2006</ac:parameter></ac:structured-macro>
\[ISO/IEC TR 24731-2006\] ISO/IEC TR 24731. Extensions to the C Library, --- Part I: Bounds-checking interfaces. April, 2006.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b197e7609a881e62-8b1c9cf2-45db4636-ac5691f5-6bcf2f6217384b55abd8a37c"><ac:parameter ac:name="">Kerrighan 88</ac:parameter></ac:structured-macro>
\[Kerrighan 88\] Kerrighan B. W., and D. M. Ritchie. The C Programming Language. 2nd ed. Englewood Cliffs, NJ: Prentice-Hall, 1988.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="98ccefbdad4385a0-7f7768d3-41fc49d7-9571b52f-2ec33b2575dd98523c55e27b"><ac:parameter ac:name="">Klein 02</ac:parameter></ac:structured-macro>
\[Klein 02\] Klein, Jack. _Bullet Proof Integer Input Using strtol()_. [http://home.att.net/~jackklein/c/code/strtol.html] (2002).

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="08140de912e4c5d4-8a852bcb-4eac48cc-87b4a91b-6435c0962cd34a660aa56d44"><ac:parameter ac:name="">mercy</ac:parameter></ac:structured-macro>
\[mercy\] mercy. _Exploiting Uninitialized Data_. [http://www.felinemenace.org/papers/UBehavior.zip] (January 2006).

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="78def9ff78cc6d40-0ca62661-485641c1-bae0966a-5987954098ac28d491044a19"><ac:parameter ac:name="">MISRA 04</ac:parameter></ac:structured-macro>
\[MISRA 04\] MISRA C: 2004 Guidelines for the use of the C language in critical systems. MIRA Limited. Warwickshire, UK. October 2004. ISBN 0 9524156 4

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d88a4ae46f2b96a3-e79c2267-43394aca-903c854e-3a60ae23fcd0d2fa95b291a6"><ac:parameter ac:name="">NASA-GB-1740.13</ac:parameter></ac:structured-macro>
\[NASA-GB-1740.13\] NASA-GB-1740.13. NASA Guidebook for Safety Critical Software Analysis and Development. [http://pbma.nasa.gov/docs/public/pbma/general/guidbook.doc]

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6a2ee14f8f2bdedf-5598a247-486f4c09-bafa9011-e5e52ac21ecc69eb796354a1"><ac:parameter ac:name="">NIST 06</ac:parameter></ac:structured-macro>
\[NIST 06\] NIST. SAMATE Reference Dataset (SRD).See [http://samate.nist.gov/SRD/srdFiles/]

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f46907e7e9c8ea5e-18a13e96-4f0649da-b5bc97cd-fdfebad27f82c6213ed6354d"><ac:parameter ac:name="">Plum 89</ac:parameter></ac:structured-macro>
\[Plum 89\] Plum, Thomas. C Programming Guidelines. Plum Hall; 2nd edition (June 1989). ISBN: 0911537074.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="69853d74299fca45-2d98a6d9-4b4c48bc-8af79b88-a1f6c4e2bc9b5617e42316e7"><ac:parameter ac:name="">Plum 91</ac:parameter></ac:structured-macro>
\[Plum 91\] Thomas Plum, Dan Saks. C+\+ Programming Guidelines. Plum Hall (November 1991). ISBN: 0911537104

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6710f1982323c509-3192f20a-40ee4743-99199e28-909c203fb261482bec2072bc"><ac:parameter ac:name="">Seacord 05</ac:parameter></ac:structured-macro> <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6dd37ac083c53602-6726a254-4c1b418e-97c8bb1d-0cfa1e7fcfbabbe5f113179c"><ac:parameter ac:name="">Seacord 05a</ac:parameter></ac:structured-macro>
\[Seacord 05a\] Seacord, R. Secure Coding in C and C++. Addison-Wesley, 2005. See [http://www.cert.org/books/secure-coding] for news and errata.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="50751b17864057dc-6e19fca5-41154650-ad94a261-e3023d14bd8356ec9f42c1f3"><ac:parameter ac:name="">Seacord 05b</ac:parameter></ac:structured-macro>
\[Seacord 05b\] Seacord, R. Managed String Library for C. C/C+\+ Users Journal. Vol. 23, No. 10. Pages 30-34. October 2005.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e89e0613d138aeee-62188021-455b433f-860aa4ee-6a2c6e2f7e5873270d159adc"><ac:parameter ac:name="">Summit 95</ac:parameter></ac:structured-macro>
\[Summit 95\] Summit, Steve. _C Programming FAQs: Frequently Asked Questions_. Boston, MA: Addison-Wesley, 1995 (ISBN 0201845199).

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="846992d9741a70d4-3fdd2fca-40754523-8485ab3a-ba46ecf0205d0075adccc162"><ac:parameter ac:name="">Summit 05</ac:parameter></ac:structured-macro>
\[Summit 05\] Summit, Steve. _comp.lang.c Frequently Asked Questions_. [http://c-faq.com/] (2005).

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="68c71aa7b800e625-5ee877be-471046f8-aa55b60f-bf6bfebbeea28a476dd1ca64"><ac:parameter ac:name="">Viega 03</ac:parameter></ac:structured-macro>
\[Viega 03\] Viega, John & Messier, Matt. _Secure Programming Cookbook for C and C++: Recipes for Cryptography, Authentication, Networking, Input Validation & More_. Sebastopol, CA: O'Reilly, 2003 (ISBN 0-596-00394-3).

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="8fd1ee6d46dffcf7-4594d756-4b8648fe-b22a86ff-3108fc53d995f42152332445"><ac:parameter ac:name="">Warren 02</ac:parameter></ac:structured-macro>
\[Warren 02\] Henry S. Warren. Hacker's Delight. Addison Wesley Professional. July, 2002. ISBN: 0201914654.