[Abrahams 2010] Abrahams, David. 
Boost Library Error and Exception Handling Guidelines, #7, 2001-2003. Boost Library. 2010.
 [Banahan 2003] Banahan, Mike. 
 The C Book . 2003.
[Barney 2010] Barney, Blaise. 
POSIX Threads Programming, . Lawrence Livermore National Security, LLC
, . 2010.
[Becker 2008] Becker, Pete. 
Working Draft, Standard for Programming Language C++, . April 2008.
[Becker 2009] Becker, Pete 
Working Draft, Standard for Programming Language C++, . September 2009.
[Black 2007] 
Black, Paul E.
 Black; Kass, Michael
 Kass; & Koo, Michael
 Koo. 
Source Code Security Analysis Tool Functional Specification Version 1.0. Special Publication 500-268. Information Technology Laboratory (ITL)
, Software Diagnostics and Conformance Testing Division, May 2007. http://samate.nist.gov/docs/source_code_security_analysis_spec_SP500-268.pdf. May 2007.| Anchor | 
|---|
Cline 09 | Cline 09 | [Cline 2009] Cline, Marshall. 
C++ FAQ  Lite - Frequently Lite—Frequently Asked Questions 1991. 1991-2009
.| Anchor | 
|---|
| |  | codesourcery 2016a | 
|---|
 |  | codesourcery 2016a | Coverity 07 | Coverity 07 | 
|---|
 | 
[
Coverity 2007] Coverity Prevent User's Manual (3.3.0). 2007.| Anchor | 
|---|
CodeSourcery 2016a] CodeSourcery, Compaq, EDG, HP, IBM, Intel, Red Hat, SGI, et al. Itanium C++ ABI. December 2016 [accessed].| Anchor | 
|---|
| |  | codesourcery2016b | 
|---|
 |  | codesourcery2016b | 
|---|
 | 
[CodeSourcery 2016b] CodeSourcery, Compaq, EDG, HP, IBM, Intel, Red Hat, SGI, et al. Itanium C++ ABI (Revision: 1,86). December 2016 [accessed].[Coverity 2007] Coverity. Coverity Prevent User's Manual (3.3.0). 2007. [CWE] MITRE. Common Weakness Enumeration – A Community-Developed Dictionary of Software Weakness Types.[Dewhurst 2002CWE | CWE[CWE] MITRE. Common Weakness Enumeration – A Community-Developed Dictionary of Software Weakness Types. | | Anchor | 
|---|
Dewhurst 03 | Dewhurst 03[Dewhurst 2003] Dewhurst, Stephen C. C++ Gotchas: Avoiding Common Problems in Coding and Design. Boston, MA: Addison-Wesley Professional, 2002. | | Anchor | 
|---|
Dewhurst 05 | Dewhurst 05[Dewhurst 2005 | ] Dewhurst, Stephen C. 
C++ Gotchas: Avoiding Common Problems in Coding and Design. Addison-Wesley Professional. 2002.[Dewhurst 2005] Dewhurst, Stephen C. C++ Common Knowledge Common Knowledge: Essential Intermediate Programming. 
Boston, MA: Addison-Wesley Professional
, . 2005.
[DISA 2015] DISA. 
Application Security and Development Security Technical Implementation Guide, Version 3, Release 10. Accessed 
October 2016April 2015.
[DISA 2016] DISA. 
Application Security and Development Security Technical Implementation Guide, Version 4, Release 1. Accessed 
October 2016January 2017.
[Dowd 2007] Dowd, McDonald & Schuh. [DISA 2018] DISA. Application Security and Development Security Technical Implementation Guide, Version 4, Release 8. Accessed January 2019.[Dowd 2006] Dowd, Mark; McDonald, John; & Schuh, Justin. The Art of Software Security Assessment - Attacking delete and delete[] in C++, 2007.. In The Art of Software Security Assessment. Addison-Wesley Professional. 2006.[Fortify 2006] Fortify Software Inc. 
Fortify Taxonomy: Software Security Errors, . 2006.
[FSF 2005] Free Software Foundation. 
GCC online documentationOnline Documentation. ( 2005
).
[Gamma 
19951994] Gamma, 
Erich; Helm
, Richard; Johnson, Ralph, 
& Vlissides, 
and JohnsonJohn. 
Design Patterns Elements of Reusable Object Oriented Software. Addison
-Wesley 
, 1995Professional. 1994.
| Anchor | 
|---|
| |  | Goldberg 91gnu2016Goldberg 91 | 
|---|
 |  | gnu2016 | 
|---|
 | 
[
GNU 2016] gnu.org. GCC, the GNU Compiler Collection: Declaring Attributes of Functions. December 2016 [accessed].[Goldberg 1991] Goldberg, Goldberg 1991] Goldberg, David. 
What Every Computer Scientist Should Know About Floating-Point Arithmetic. Sun Microsystems
, . March 1991.
[Graff 2003] Graff, Mark G. & Van Wyk, Kenneth R. 
Secure Coding: Principles and Practices.
 Cambridge, MA: O O'Reilly
, . 2003
 (. ISBN 0596002424
).
[Henricson 1997] Henricson, Mats & Nyquist, Erik. 
Industrial Strength C++. 
Upper Saddle River, NJ: Prentice Hall PTR
, . 1997
 (. ISBN 0-13-120965-5
).
[Hinnant 2005] Hinnant, Howard. 
RValue Reference Recommendations for Chapter 20.
 N1856,  N1856=05-0116. August 2005.
[Hinnant 2015] Hinnant, Howard. Reply to "
std::exception Why what() is returning a const char* and not a string?" 
[public forum post]. ISO C++ Standard—Discussion, . June 28, 2015.
| Anchor | 
|---|
| |  | IEC 60812 2006 | 
|---|
 |  | IEC 60812 2006 | 
|---|
 | 
[IEC 60812 2006] Analysis techniques for system reliability - Procedure for failure mode and effects analysis (FMEA), 2nd ed. 
( IEC 60812
). IEC
, . January 2006.
| Anchor | 
|---|
| |  | IEEE Std 610.12 1990 | 
|---|
 |  | IEEE Std 610.12 1990 | 
|---|
 | 
[IEEE Std 610.12 1990] IEEE.  IEEE Standard Glossary of Software Engineering Terminology. 1990.| Anchor | 
|---|
| |  | IEEE Std 1003.1-2013 | 
|---|
 |  | IEEE Std 1003.1-2013 | 
|---|
 | 
[IEEE Std 1003.1:2013] IEEE & The Open Group. Standard for Information Technology—Portable Operating System Interface (POSIX). Base Specifications. Issue 7. 2013.[INCITS 2012] INCITS Document number N3396= 12-0096. Dynamic memory allocation for over-aligned data. 2012. [INCITS 2014] INCITS PL22.16 & ISO WG21 C++ Standards Committee, Library Working Group (LWG). C++ Standard Library Active Issues List (Revision R88). N3967. 2014.
[INCITS 2020] INCITS PL22.16 & ISO WG21 C++ Standards Committee, Library Working Group (LWG). C++ Standard Library Active Issues List (Revision R88). N4860. 2020.
| Anchor | 
|---|
| |  | Internet Society 00 | 
|---|
 |  | Internet Society 00 | 
|---|
 | 
[Internet Society 2000] The Internet Society. Internet Security Glossary (RFC 2828). 2000.
| Anchor | 
|---|
| |  | ISO/IEC 9899-1999 | 
|---|
 |  | ISO/IEC 9899-1999 | 
|---|
 | 
| Anchor | 
|---|
| |  | ISO-IEC 9899-1999 | 
|---|
 |  | ISO-IEC 9899-1999 | 
|---|
 | 
[ISO/IEC 9899-1999] ISO/IEC 9899-1999. Programming Languages — C, Second Edition. 1999.| Anchor | 
|---|
| |  | ISO/IEC 9899-2011 | 
|---|
 |  | ISO/IEC 9899-2011 | 
|---|
 | 
| Anchor | 
|---|
| |  | ISO-IEC 9899-2011 | 
|---|
 |  | ISO-IEC 9899-2011 | 
|---|
 | 
[ISO/IEC 9899:2011] ISO/IEC. Programming Languages—C, 3rd ed. ISO/IEC 9899:2011. 2011INCITS 2014 | INCITS 2014[INCITS 2014] INCITS PL22.16 and ISO WG21 C++ Standards Committee, Library Working Group (LWG). C++ Standard Library Active Issues List (Revision R88), Doc. N3967, 2014. | | Anchor | 
|---|
ISO/IEC 9899-1999 | ISO/IEC 9899-1999 | | Anchor | 
|---|
ISO-IEC 9899-1999 | ISO-IEC 9899-1999[ISO/IEC 9899-1999] ISO/IEC 9899-1999. Programming Languages — C, Second Edition, 1999. | | Anchor | 
|---|
ISO/IEC 9899-2011 | ISO/IEC 9899-2011 | | Anchor | 
|---|
ISO-IEC 9899-2011 | ISO-IEC 9899-2011[ISO/IEC 9899:2011] ISO/IEC. Programming Languages—C, 3rd ed (ISO/IEC 9899:2011). Geneva, Switzerland: ISO, 2011. | | Anchor | 
|---|
ISO/IEC14882-1998 | ISO/IEC14882-1998[ISO/IEC 14882-1998] ISO/IEC 14882-1998. Programming Languages — C++, First Edition, 1998. | | Anchor | 
|---|
ISO/IEC14882-2003 | ISO/IEC14882-2003[ISO/IEC 14882-2003] ISO/IEC 14882-2003. Programming Languages — C++, Second Edition, 2003. | | Anchor | 
|---|
ISO/IEC14882-2011 | ISO/IEC14882-2011[ISO/IEC 14882-2011] ISO/IEC 14882-2011. Programming Languages — C++, Third Edition, 2011 | .
| Anchor | 
|---|
| |  | ISO/IEC14882-20141998 | 
|---|
 |  | ISO/IEC14882-20141998 | 
|---|
 | 
[ISO/IEC 14882-
20141998] ISO/IEC 14882-
20141998. 
 Programming Languages — C++, Fourth First Edition, 2014. 1998.
| Anchor | 
|---|
| |  | ISO/IEC DTR 24772IEC14882-2003 | 
|---|
 |  | ISO/IEC DTR 24772IEC14882-2003 | 
|---|
 | 
[ISO/IEC 
DTR 2477214882-2003] ISO/IEC 
DTR 24772. Information Technology — 14882-2003. Programming Languages —  Guidance to Avoiding Vulnerabilities in Programming Languages through Language Selection and Use, November 2009C++, Second Edition. 2003.
| Anchor | 
|---|
| |  | ISO/IEC N3000IEC14882-2011 | 
|---|
 |  | ISO/IEC N3000IEC14882-2011 | 
|---|
 | 
[ISO/IEC 
N3000] Working Draft, Standard for Programming Language 14882-2011] ISO/IEC 14882-2011. Programming Languages — C++,  November 2009Third Edition.2011.| Anchor | 
|---|
| |  | ISO/IEC TR 24772IEC14882-20132014 | 
|---|
 |  | ISO/IEC TR 24772IEC14882-20132014 | 
|---|
 | 
[ISO/IEC 
TR 2477214882-
20132014] ISO/IEC 
TR 2477214882-
2013. Information Technology—Programming Languages—Guidance to Avoiding Vulnerabilities in Programming Languages through Language Selection and Use. Geneva, Switzerland: ISO, March 2013.| Anchor | 
|---|
ISO/IEC TS 17961 | ISO/IEC TS 17961 | | Anchor | 
|---|
ISO-IEC TS 17961 | ISO-IEC TS 17961 | | Anchor | 
|---|
ISO/IEC TS 17961-2013 | ISO/IEC TS 17961-2013[ISO/IEC TS 17961] ISO/IEC TS 17961. Information Technology—Programming Languages, Their Environments and System Software Interfaces—C Secure Coding Rules. Geneva, Switzerland: ISO, 2012. | | Anchor | 
|---|
Jack 07 | Jack 07[Jack 2007] Jack, Barnaby. Vector Rewrite Attack. May 2007. | | Anchor | 
|---|
Kalev 99 | Kalev 99[Kalev 99] Kalev, Danny. ANSI/ISO C++ Professional Programmer's Handbook. Indianapolis, Ind: Que, 1999. | | Anchor | 
|---|
Kalev 03 | Kalev 03[Kalev 2003] Kalev, Danny. Static Assertions. January 2003. | | Anchor | 
|---|
Lions 96 | Lions 96[Lions 1996] Lions, J. L. ARIANE 5 Flight 501 Failure Report. Paris, France: European Space Agency (ESA) & National Center for Space Study (CNES) Inquiry Board, July 1996. | | Anchor | 
|---|
Lockheed Martin 05 | Lockheed Martin 05[Lockheed Martin 2005] Lockheed Martin. "Joint Strike Fighter Air Vehicle C++ Coding Standards for the System Development and Demonstration Program." Document Number 2RDU00001 Rev C., December 2005. | | Anchor | 
|---|
Meyers 95 | Meyers 95[Meyers 1995] Meyers, Scott. More Effective C++: 35 New Ways to Improve Your Programs and Designs. Boston, MA: Addison-Wesley Professional, 1995. | | Anchor | 
|---|
Meyers 96 | Meyers 96[Meyers 1996] Meyers, Scott. More Effective C++: 35 New Ways to Improve Your Programs and Designs. Boston, MA: Addison-Wesley, 1996. | | Anchor | 
|---|
Meyers 97 | Meyers 97[Meyers 1997] Meyers, Scott. Effective C++ : 55 Specific Ways to Improve Your Programs and Designs, 3rd 2014. Programming Languages — C++, Fourth Edition. 2014. | | Anchor | 
|---|
| |  | ISO/IEC N3000 | 
|---|
 |  | ISO/IEC N3000 | 
|---|
 | 
[ISO/IEC N3000 2009] Working Draft, Standard for Programming Language C++. November 2009.| Anchor | 
|---|
| |  | ISO/IEC TR 24772-2013 | 
|---|
 |  | ISO/IEC TR 24772-2013 | 
|---|
 | 
[ISO/IEC TR 24772:2013] ISO/IEC. Information Technology—Programming Languages—Guidance to Avoiding Vulnerabilities in Programming Languages through Language Selection and Use. TR 24772-2013. ISO. March 2013.| Anchor | 
|---|
| |  | ISO/IEC TS 17961 | 
|---|
 |  | ISO/IEC TS 17961 | 
|---|
 | 
| Anchor | 
|---|
| |  | ISO-IEC TS 17961 | 
|---|
 |  | ISO-IEC TS 17961 | 
|---|
 | 
| Anchor | 
|---|
| |  | ISO/IEC TS 17961-2013 | 
|---|
 |  | ISO/IEC TS 17961-2013 | 
|---|
 | 
[ISO/IEC TS 17961:2012] ISO/IEC TS 17961. Information Technology—Programming Languages, Their Environments and System Software Interfaces—C Secure Coding Rules. ISO. 2012.
[Jack 2007] Jack, Barnaby. Vector Rewrite Attack. Juniper Networks. May 2007.[Kalev 1999] Kalev, Danny. ANSI/ISO C++ Professional Programmer's Handbook. Que. Corporation. 1999[Lea 2000] Lea, Doug. Concurrent Programming in Java, 2nd Edition. Addison-Wesley Professional. 2000.[Lions 1996] Lions, J. L. ARIANE 5 Flight 501 Failure Report. European Space Agency (ESA) & National Center for Space Study (CNES). July 1996.
[Lions 1996] Lions, J. L. ARIANE 5 Flight 501 Failure Report. European Space Agency (ESA) & National Center for Space Study (CNES). July 1996.| Anchor | 
|---|
| |  | Lockheed Martin 05 | 
|---|
 |  | Lockheed Martin 05 | 
|---|
 | 
[Lockheed Martin 2005] Lockheed Martin. Joint Strike Fighter Air Vehicle C++ Coding Standards for the System Development and Demonstration Program. Document Number 2RDU00001, Rev C. December 2005.[Meyers 1996] Meyers, Scott. More Effective C++: 35 New Ways to Improve Your Programs and Designs. Addison-Wesley. 1996.[Meyers 2001] Meyers, Scott. Effective STL: 50 Specific Ways to Improve Your Use of the Standard Template Library. Addison-Wesley Professional. 2001.[Meyers 2005] Meyers, Scott. Effective C++: 55 Specific Ways to Improve Your Programs and Designs (3rd Edition). Addison-Wesley Professional. 2005.[Meyers 2014] Meyers, Scott. Reply to The Drawbacks of Implementing Move Assignment in Terms of Swap [blog post]. The View from Aristeia: Scott Meyers' Professional Activities and Interests. 2014.[Microsoft 2010] STL std::string class causes crashes and memory corruption on multi-processor machines. 2010.[MISRA 2004] MIRA Limited. MISRA C: 2004 Guidelines for the Use of the C Language in Critical Systems. MIRA Limited. ISBN 095241564X. October 2004.[MISRA 2008] MISRA Limited. MISRA C++ 2008 Guidelines for the Use of the C++ Language in Critical Systems. ISBN 978-906400-03-3 (paperback);  ISBN 978-906400-04-0 (PDF). June 2008.[MITRE 2007] MITRE. Common Weakness Enumeration, Draft 9. April 2008.[MITRE 2008a] MITRE. CWE ID 327. Use of a Broken or Risky Cryptographic Algorithm. 2008.[MITRE 2008b] MITRE. CWE ID 330. Use of Insufficiently Random Values. 2008.[MITRE] MITRE. Common Weakness Enumeration, Version 1.8. February 2010.[MSDN 2010] Microsoft Developer Network. CryptGenRandom Function. December 2016 [accessed].[MDSN 2016] Microsoft Developer Network. nothrow (C++). December 2016 [accessed].[NIST 2006] NIST.  SAMATE Reference Dataset. 2006.| Anchor | 
|---|
| |  | IEEE Std 1003.1-2013 | 
|---|
 |  | IEEE Std 1003.1-2013 | 
|---|
 | 
| Anchor | 
|---|
| |  | ISO/IEC 9945:2013 | 
|---|
 |  | ISO/IEC 9945:2013 | 
|---|
 | 
| Anchor | 
|---|
| |  | Open Group 13 | 
|---|
 |  | Open Group 13 | 
|---|
 | 
[Open Group 2013] The Open Group. The Open Group Base Specifications Issue 7, IEEE Std 1003.1, 2013 Edition. 2013.| Anchor | 
|---|
| |  | IEEE Std 1003.1-2008 | 
|---|
 |  | IEEE Std 1003.1-2008 | 
|---|
 | 
| Anchor | 
|---|
| |  | ISO/IEC 9945:2008 | 
|---|
 |  | ISO/IEC 9945:2008 | 
|---|
 | 
| Anchor | 
|---|
| |  | Open Group 08 | 
|---|
 |  | Open Group 08 | 
|---|
 | 
[Open Group 2008] The Open Group.  The Open Group Base Specifications Issue 7, IEEE Std 1003.1, 2008 Edition. 2008. ed. Boston, MA: Addison-Wesley Professional, 1997.| Anchor | 
|---|
Meyers 01 | Meyers 01[Meyers 2001] Meyers, Scott. Effective STL: 50 Specific Ways to Improve Your Use of the Standard Template Library. Boston, MA: Addison-Wesley Professional, 2001. | | Anchor | 
|---|
Meyers 05 | Meyers 05[Meyers 2005] Meyers, Scott. Effective C++: 55 Specific Ways to Improve Your Programs and Designs (3rd Edition). Boston, MA: Addison-Wesley Professional, 2005. | | Anchor | 
|---|
Meyers 14 | Meyers 14[Meyers 2014] Meyers, Scott. Reply to "The Drawbacks of Implementing Move Assignment in Terms of Swap" [blog post]. The View from Aristeia: Scott Meyers' Professional Activities and Interests, 2014. | | Anchor | 
|---|
Microsoft 10 | Microsoft 10[Microsoft 2010] STL std::string class causes crashes and memory corruption on multi-processor machines | | Anchor | 
|---|
MISRA 04 | MISRA 04[MISRA 2004] MIRA Limited. "MISRA C: 2004 Guidelines for the Use of the C Language in Critical Systems." Warwickshire, UK: MIRA Limited, October 2004 (ISBN 095241564X). | | Anchor | 
|---|
MISRA 08 | MISRA 08[MISRA 2008] MIRA Limited. "MISRA C++: 2008 Guidelines for the Use of the C++ Language in Critical Systems", ISBN 978-906400-03-3 (paperback), ISBN 978-906400-04-0 (PDF), June 2008. | | Anchor | 
|---|
MITRE 07 | MITRE 07[MITRE 2007] MITRE. Common Weakness Enumeration, Draft 9, April 2008. | | Anchor | 
|---|
MITRE 08a | MITRE 08a[MITRE 2008a] MITRE. CWE ID 327, "Use of a Broken or Risky Cryptographic Algorithm," 2008. | | Anchor | 
|---|
MITRE 08b | MITRE 08b[MITRE 2008b] MITRE. CWE ID 330, "Use of Insufficiently Random Values," 2008. | | Anchor | 
|---|
MITRE | MITRE[MITRE] MITRE. Common Weakness Enumeration, Version 1.8. February 2010. | | Anchor | 
|---|
MSDN 10 | MSDN 10[MSDN 2010] MSDN. "CryptGenRandom Function." | | Anchor | 
|---|
NIST 06 | NIST 06[NIST 2006] NIST. SAMATE Reference Dataset, 2006. | | Anchor | 
|---|
| |  | IEEE Std 1003.1-20132004 | 
|---|
 |  | IEEE Std 1003.1-20132004 | 
|---|
 | 
| Anchor | 
|---|
| |  | ISO/IEC 9945:20132003 | 
|---|
 |  | ISO/IEC 9945:20132003 | 
|---|
 | 
| Anchor | 
|---|
| |  | Open Group 1304 | 
|---|
 |  | Open Group 1304 | 
|---|
 | 
[Open Group 
20132004] The Open Group. 
 The Open Group Base Specifications Issue  76, IEEE Std 1003.1,  2013 2004 Edition, 2013. 2004.
| Anchor | 
|---|
POSIX.1-2008 | POSIX.1-2008 | | Anchor | 
|---|
IEEE Std 1003.1-2008 | IEEE Std 1003.1-2008 | | Anchor | 
|---|
ISO/IEC 9945:2008 | ISO/IEC 9945:2008 | | Anchor | 
|---|
Open Group 08 | Open Group 08 | 
[Open Group 2008] The Open Group. The Open Group Base Specifications Issue 7, IEEE Std 1003.1, 2008 Edition, 2008.| Anchor | 
|---|
POSIX.1-2004 | POSIX.1-2004 | | Anchor | 
|---|
IEEE Std 1003.1-2004 | IEEE Std 1003.1-2004 | | Anchor | 
|---|
ISO/IEC 9945:2003 | ISO/IEC 9945:2003 | | Anchor | 
|---|
Open Group 04 | Open Group 04[Open Group 2004] The Open Group. The Open Group Base Specifications Issue 6, IEEE Std 1003.1, 2004 Edition, 2004. | | Anchor | 
|---|
Plum 91 | Plum 91[Plum 1991] Plum, Thomas. C++ Programming. Kamuela, HI: Plum Hall, Inc., November 1991 (ISBN 0911537104). | | Anchor | 
|---|
Quinlan 06 | Quinlan 06[Quinlan 2006] Quinlan, Dan; Vuduc, Richard; Panas, Thomas; Härdtlein, Jochen; & Sæbjørnsen, Andreas. "[Plum 1991] Plum, Thomas. C++ Programming. Plum Hall, Inc. November 1991. ISBN 0911537104.[Quinlan 2006] Quinlan, Dan; Vuduc, Richard; Panas, Thomas; Härdtlein, Jochen; & Sæbjørnsen, Andreas. Support for Whole-Program Analysis and the Verification of the One-Definition Rule in C++. 27-35. Page 500-262. In Proceedings of the Static Analysis Summit. July 2006.[Rohlf 2009] Rohlf, Chris.  Fun with erase (). 2009.[Saks 1999] Saks, Dan.  const T vs.T const. Embedded Systems Programming. February 1999. Pages 13-16.[Saks 2007] Saks, Dan. Sequence Points. Embedded Systems Design. 2007.[Seacord 2005] Seacord, Robert C. Secure Coding in C and C++. Addison-Wesley. 2005. ISBN 0321335724.[Seacord 2013] Seacord, Robert C. Secure Coding in C and C++, Second Edition. Addison-Wesley. 2013.[Sebor 2004] Sebor, Martin. C++ Standard Core Language Active Issues, Revision 68. 2010.[SGI 2006] Silicon Graphics, Inc. basic_string<charT, traits, Alloc>. Standard Template Library Programmer's Guide. 2006.[Steele 1977] Steele, G. L. Arithmetic shifting considered harmful. SIGPLAN Notices. Volume 12. Issue 11. November 1977. Pages 61-69. | | Anchor | 
|---|
| |  | Stroustrup 97 | 
|---|
 |  | Stroustrup 97 | 
|---|
 | 
[Stroustrup 1997] Stroustrup, Bjarne. The C++ Programming Language, Third Edition. Addison-Wesley. 1997. ISBN  978-0201700732.| Anchor | 
|---|
| |  | Stroustrup 06 | 
|---|
 |  | Stroustrup 06 | 
|---|
 | 
[Stroustrup 2006] Stroustrup, Bjarne.  C++ Style and Technique FAQ. 2006. December 2016 [accessed].| Anchor | 
|---|
| |  | Stroustrup 01 | 
|---|
 |  | Stroustrup 01 | 
|---|
 | 
[Stroustrup 2001] Stroustrup, Bjarne. Exception Safety: Concepts and Techniques. AT&T Labs. 2001.[Sun 1993] Sun Security Bulletin #00122. 1993.[Sutter 2000] Sutter, Herb. Exceptional C++: 47 Engineering Puzzles, Programming Problems, and Solutions. Addison-Wesley Professional. 2000. ISBN 0201615622.[Sutter 2001] Sutter, Herb. More Exceptional C++: 40 New Engineering Puzzles, Programming Problems, and Solutions. Addison-Wesley Professional. 2001. ISBN 020170434.[Sutter 2004] Sutter, Herb & Alexandrescu, Andrei. C++ Coding Standards: 101 Rules, Guidelines, and Best Practices. Addison-Wesley Professional. 2004. ISBN 0321113586.| Anchor | 
|---|
| |  | van Sprundel06 | 
|---|
 |  | van Sprundel06 | 
|---|
 | 
[van Sprundel 2006] van Sprundel, Ilja. Unusual bugs. 2006.[Viega 2003] Viega, John & Messier, Matt. Secure Programming Cookbook for C and C++: Recipes for Cryptography, Authentication, Networking, Input Validation & More. O'Reilly. 2003. ISBN 0-596-00394-3. [Viega 2005] Viega, John. CLASP Reference Guide, Volume 1.1. Secure Software. 2005.[VU#159523] Giobbi, Ryan. Vulnerability Note VU#159523. Adobe Flash Player integer overflow vulnerability. April 2008. [VU#162289] Dougherty, Chad. Vulnerability Note VU#162289. GCC Silently Discards Some Wraparound Checks. April 2008.[VU#623332] Mead, Robert. Vulnerability Note VU#623332. MIT Kerberos 5 contains double free vulnerability in "krb5_recvauth()" function. July 2005. [VU#925211] Weimer, Florian. Vulnerability Note VU#925211. Debian and Ubuntu OpenSSL packages contain a predictable random number generator. May Support for Whole-Program Analysis and the Verification of the One-Definition Rule in C++," 27-35. NIST Special Publication 500-262, Proceedings of the Static Analysis Summit. Gaithersburg, MD, July 2006.| Anchor | 
|---|
Saks 99 | Saks 99[Saks 1999] Dan Saks. const T vs.T const. Embedded Systems Programming. Pg. 13-16. February 1999. http://www.dansaks.com/articles/1999-02%20const%20T%20vs%20T%20const.pdf | | Anchor | 
|---|
Saks 07 | Saks 07[Saks 2007] Saks, Dan. "Sequence Points" Embedded Systems Design, 07/01/02. | | Anchor | 
|---|
Seacord 05 | Seacord 05[Seacord 2005] Seacord, R. Secure Coding in C and C++. Upper Saddle River, NJ: Addison-Wesley, 2005 (ISBN 0321335724). | | Anchor | 
|---|
Seacord 2013 | Seacord 2013 | | Anchor | 
|---|
Seacord 13 | Seacord 13[Seacord 2013] Seacord, Robert C. Secure Coding in C and C++. Boston: Addison-Wesley, 2013. See http://www.cert.org/books/secure-coding for news and errata. | | Anchor | 
|---|
Sebor 04 | Sebor 04[Sebor 2004] Sebor, Martin. C++ Standard Core Language Active Issues, Revision 68, Issue 475, 2010. | | Anchor | 
|---|
SGI 06 | SGI 06[SGI 2006] Silicon Graphics, Inc. "basic_string<charT, traits, Alloc>." Standard Template Library Programmer's Guide, 2006. | | Anchor | 
|---|
Steele 77 | Steele 77[Steele 1977] Steele, G. L. 1977. Arithmetic shifting considered harmful. SIGPLAN Not. 12, 11 (Nov. 1977), 61-69. | | Anchor | 
|---|
Stroustrup 97 | Stroustrup 97[Stroustrup 1997] Stroustrup, Bjarne. The C++ Programming Language, Third Edition. Reading, MA: Addison-Wesley, 1997 (ISBN 0201889544). | | Anchor | 
|---|
Stroustrup 06 | Stroustrup 06[Stroustrup 2006] Stroustrup, Bjarne. C++ Style and Technique FAQ (2006). | | Anchor | 
|---|
Stroustrup 01 | Stroustrup 01[Stroustrup 2001] Stroustrup, Bjarne. Exception Safety: Concepts and Techniques (2001). | | Anchor | 
|---|
Sun 93 | Sun 93[Sun 1993] Sun Security Bulletin #00122, 1993. | | Anchor | 
|---|
Sutter 00 | Sutter 00[Sutter 2000] Sutter, Herb. Exceptional C++: 47 Engineering Puzzles, Programming Problems, and Solutions. Addison-Wesley Professional, 2000 (ISBN 0201615622). | | Anchor | 
|---|
Sutter 01 | Sutter 01[Sutter 2001] Sutter, Herb. More Exceptional C++: 40 New Engineering Puzzles, Programming Problems, and Solutions. Addison-Wesley Professional, 2001 (ISBN 020170434). | | Anchor | 
|---|
Sutter 04 | Sutter 04[Sutter 2004] Sutter, Herb & Alexandrescu, Andrei. C++ Coding Standards: 101 Rules, Guidelines, and Best Practices. Boston, MA: Addison-Wesley Professional, 2004 (ISBN 0321113586). | | Anchor | 
|---|
van Sprundel06 | van Sprundel06[van Sprundel 2006] van Sprundel, Ilja. Unusualbugs. 2006. | | Anchor | 
|---|
Viega 03 | Viega 03[Viega 2003] Viega, John & Messier, Matt. Secure Programming Cookbook for C and C++: Recipes for Cryptography, Authentication, Networking, Input Validation & More. Sebastopol, CA: O'Reilly, 2003 (ISBN 0-596-00394-3). | | Anchor | 
|---|
Viega 05 | Viega 05[Viega 2005] Viega, John. CLASP Reference Guide Volume 1.1. Secure Software, 2005. | | Anchor | 
|---|
VU#162289 | VU#162289[VU#162289] Dougherty, Chad. Vulnerability Note VU#162289, GCC Silently Discards Some Wraparound Checks. April | 2008.
[Warren 2002] Warren, Henry S. 
Hacker's Delight. 
Boston, MA: Addison Wesley Professional. 2002
 (. ISBN 0201914654
).
[Williams 
20102010a] Williams, Anthony
. Thread. 
Boost Library Thread, 2007-2008. 2010.
[Williams 
20102010b] Williams, Anthony. 
Simpler Multithreading in C++0x, . Internet.com
, . 2010.
[xorl 2009] xorl. 
xorl %eax, %eax. 
 Image Removed
Image Removed  Image Removed
Image Removed  Image Removed. December 2016 [accessed].
Image Removed. December 2016 [accessed].