SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 420

changes.mady.by.user Sandy Shrum

Saved on

compared with

New Version Current

changes.mady.by.user David Svoboda

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: replaced dead link

Anchor
Acton 06
Acton 06

[Acton 2006] Acton, Mike. "Understanding Strict Aliasing." CellPerformance, June 1, 2006.

Anchor
Aho 1986
Aho 1986

[Aho 1986] Aho, Alfred V.; Sethi, Ravi; Ullman, Jeffrey D. "Compilers: Principles, Techniques, and Tools" (2nd ed.), 1986.

Anchor
Apiki 2006
Apiki 2006

[Apiki 2006] Apiki, Steve. "Lock-Free Programming on AMD Multi-Core System." AMD Developer Central, 2006.

...

Anchor
DHS 06
DHS 06

[DHS 2006] U.S. Department of Homeland Security. Build Security In. 2006.

Anchor
DISA 2008
DISA 2008
Anchor
DISA 2015
DISA 2015

[DISA 2015] DISA. Application Security and Development Security Technical Implementation Guide, Version 23, Release 110. Accessed April 2015.

Anchor
DISA 2016
DISA 2016 DOD 5220 DOD 5220

[DOD 5220DISA 2016] DISA. Application Security and Development Security Technical Implementation Guide, Version 4, Release 1. Accessed January 2017.

Anchor
DISA 2018
DISA 2018

[DISA 2018] DISA. Application Security and Development Security Technical Implementation Guide, Version 4, Release 8. Accessed January 2019.

Anchor
DOD 5220
DOD 5220

[DOD 5220] U.S. Department of Defense. DoD Standard 5220. U.S. Department of Defense. DoD Standard 5220.22-M (Word document).

Anchor
Dowd 06
Dowd 06

[Dowd 2006] Dowd, M.; McDonald, J.; & Schuh, J. The Art of Software Security Assessment: Identifying and Preventing Software Vulnerabilities. Boston: Addison-Wesley, 2006. See http://taossa.com for updates and errata.

Anchor
Drepper 06
Drepper 06

[Drepper 2006] Drepper, Ulrich. Defensive Programming for Red Hat Enterprise Linux (and What To Do If Something Goes Wrong). May 3, 2006.

...

Anchor
Fortify 06
Fortify 06

[Fortify 2006] Fortify Software Inc. Fortify Taxonomy: Software Security Errors. 2006.

Anchor
Fomichev 16
Fomichev 16

[Fomichev 2016] Fomichev, Roman. "Safe Clearing of Private Data". PVS-Studio Team, 2016.

Anchor
FSF 05
FSF 05

[FSF 2005] Free Software Foundation. GCC Online Documentation. 2005.

...

Anchor
Howard 02
Howard 02

[Howard 2002] Howard, Michael & LeBlanc, David C. Writing Secure Code , 2nd ed. Redmond, WA: Microsoft Press, 2002.

...

Anchor
IEEE Std 1003.1
IEEE Std 1003.1
Anchor
IEEE Std 1003.1-2008
IEEE Std 1003.1-2008

[IEEE Std 1003.1:2008] IEEE and The Open Group. The Open Group Base Specifications Issue 7 (IEEE Std 1003.1), 2008 Edition. See also ISO/IEC 9945-2008 and Open Group 2008.

Anchor
IEEE Std 1003.1
IEEE Std 1003.1
Anchor
IEEE Std 1003.1-2024
IEEE Std 1003.1-2024

[IEEE Std 1003.1:2024] IEEE and The Open Group. The Open Group Base Specifications Issue 8 (IEEE Std 1003.1), 2024 Edition.

Anchor
IEEE Std 1003.1-2013
IEEE Std 1003.1-2013

[IEEE Std 1003.1:2013] IEEE and The Open Group. Standard for Information Technology—Portable Operating System Interface (POSIX®), Base Specifications, Issue 7 (IEEE Std 1003.1, 2013 Edition). E-book: http://ieeexplore.ieee.org/servlet/opac?punumber=6506089.

Anchor
IETF RFC 6520IETF RFC 6520
IEEE Std 1003.1-2024
IEEE Std 1003.1-2024

[IEEE Std 1003.1:2024] IEEE and The Open Group. Standard for Information Technology—Portable Operating System Interface (POSIX®), Base Specifications, Issue 8 (IEEE Std 1003.1, 2024 Edition). E-book: https://ieeexplore.ieee.org/document/10555529.

Anchor
IETF RFC 6520
IETF RFC 6520

[IETF: RFC 6520] Internet Engineering [IETF: RFC 6520] Internet Engineering Task Force (IETF). Request for Comments 6520: Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS) Heartbeat Extension. February 2012.

...

Anchor
ISO/IEC 10646-2012
ISO/IEC 10646-2012
Anchor
ISO-IEC 10646-2012
ISO-IEC 10646-2012

[ISO/IEC 10646:2012] ISO/IEC. Information technology—Universal Multiple-Octet Coded Character Set (UCS) (ISO/IEC 10646:2012/IEC. Information technology—Universal Multiple-Octet Coded Character Set (UCS) (ISO/IEC 10646:2012). Geneva, Switzerland: ISO, 2012.

Anchor
ISO/IEC 11889-1-2009
ISO/IEC 11889-1-2009
Anchor
ISO-IEC 11889-1-2009
ISO-IEC 11889-1-2009

[ISO/IEC 11889-1:2009] ISO/IEC. Information Technology—Trusted Platform Module—Part 1: Overview (ISO/IEC 11889-1:2009). Geneva, Switzerland: ISO, 2009.

Anchor
ISO/IEC 14882-2003
ISO/IEC 14882-2003
Anchor
ISO-IEC 14882-2003
ISO-IEC 14882-2003

[ISO/IEC 14882:2003] ISO/IEC. Programming Languages—C++, Second Edition (ISO/IEC 14882-2003). Geneva, Switzerland: ISO, 20122003.

Anchor
ISO/IEC 1188914882-1-20092011
ISO/IEC 1188914882-1-20092011
Anchor
ISO-IEC 1188914882-1-20092011
ISO-IEC 1188914882-1-20092011

[ISO/IEC 11889-114882:20092011] ISO/IEC. Information Technology—Trusted Platform Module—Part 1: OverviewTechnology—Programming Languages—C++, Third Edition (ISO/IEC 1188914882-1:20092011). Geneva, Switzerland: ISO, 20092011.

Anchor
ISO/IEC 1488223360-1-20032006
ISO/IEC 1488223360-1-20032006
Anchor
ISO-IEC 1488223360-1-20032006
ISO-IEC 1488223360-1-20032006

[ISO/IEC 1488223360-1:20032006] ISO ISO/IEC. Programming Languages—C++, Second Edition (ISO/IEC 14882-2003). Linux Standard Base (LSB) Core Specification 3.1—Part 1: Generic Specification . Geneva, Switzerland: ISO, 20032006.

Anchor
ISO/IEC 14882646-20111991
ISO/IEC 14882646-20111991
Anchor
ISO-IEC 14882646-20111991
ISO-IEC 14882646-20111991

[ISO/IEC 14882646:20111991] ISO/IEC. Information Technology—Programming Languages—C++, Third Edition Technology: ISO 7-Bit Coded Character Set for Information Interchange (ISO/IEC 14882646-20111991). Geneva, Switzerland: ISO, 20111991.

Anchor
ISO/IEC 23360-1-20069899:1990
ISO/IEC 23360-1-20069899:1990
Anchor
ISO-IEC 23360-1IEC 9899-20061990
ISO-IEC 233609899-1-20061990

[ISO/IEC 23360-19899:20061990]  ISOISO/IEC. Linux Standard Base (LSB) Core Specification 3.1—Part 1: Generic Specification. Programming Languages—C (ISO/IEC 9899:1990). Geneva, Switzerland: ISO, 20061990.

Anchor
ISO/IEC 646-19919899:1999
ISO/IEC 646-19919899:1999
Anchor
ISO-IEC 6469899-19911999
ISO-IEC 6469899-19911999

[ISO/IEC 6469899:19911999] ISO/IEC. Information Technology: ISO 7-Bit Coded Character Set for Information Interchange Programming Languages—C, 2nd ed (ISO/IEC 646-19919899:1999). Geneva, Switzerland: ISO, 19911999.

Anchor
ISO/IEC 9899:1990-2011
ISO/IEC 9899:1990-2011
Anchor
ISO-IEC 9899-19902011
ISO-IEC 9899-19902011

[ISO/IEC 9899:19902011] ISO/IEC. Programming Languages—C, 3rd ed (ISO/IEC 9899:19902011). Geneva, Switzerland: ISO, 19902011.

Anchor
ISO/IEC 9899:1999-2017
ISO/IEC 9899:1999-2017
Anchor
ISO-IEC 9899-19992017
ISO-IEC 9899-19992017

[ISO/IEC 9899:19992017] ISO/IEC. Programming Languages—C, 2nd 4th ed (ISO/IEC 9899:19992017). Geneva, Switzerland: ISO, 19992017.

Anchor
ISO/IEC 9899-20112024
ISO/IEC 9899-20112024
Anchor
ISO-IEC 9899-20112024
ISO-IEC 9899-20112024

[ISO/IEC 9899:20112024] ISO/IEC. Programming Languages—C, 3rd 5th ed (ISO/IEC 9899:20112024). Geneva, Switzerland: ISO, 20112024.

Anchor
ISO/IEC 9945-2003
ISO/IEC 9945-2003
Anchor
ISO-IEC 9945-2003
ISO-IEC 9945-2003

[ISO/IEC 9945:2003] ISO/IEC. Information Technology—Programming Languages, Their Environments and System Software Interfaces—Portable Operating System Interface (POSIX®) [including Technical Corrigendum 1] (ISO/IEC 9945:2003). Geneva, Switzerland: ISO, 2003.

...

Anchor
Jack 07
Jack 07

[Jack 2007] Jack, Barnaby. Vector Rewrite Attack. May rewrite attack: Exploitable NULL pointer vulnerabilities
on ARM and XScale architectures. In CanSecWest 2007, Vancouver,
BC, Canada, April 2007.

Anchor
Jones 04
Jones 04

[Jones 2004] Jones, Nigel. Learn a New Trick with the offsetof() Macro. Embedded Systems Programming, March 2004.

...

Anchor
Lockheed Martin 05
Lockheed Martin 05

[Lockheed Martin 2005] Lockheed Martin. Joint Strike Fighter Air Vehicle C++ Coding Standards for the System Development and Demonstration Program. Document Number 2RDU00001 Rev C., December 2005.

...

Anchor
McCluskey 01
McCluskey 01

[McCluskey 2001] McCluskey, Glen.  Flexible Array Members and Designators in C9X . ;login:, 26, 4 (July 2001): 29–32.

...

Anchor
mercy 06
mercy 06

[Mercy 2006] Mercy. Exploiting Uninitialized Data. January 2006.Mercy. Exploiting Uninitialized Data . January 2006.

[Myers 2001] Meyers, Randy. The New C: X Macros. Dr. Dobbs. May 01, 2001

Anchor
Meyers 2004
Meyers 2004

[Meyers 2004] Meyers, Randy. Limited size_t WG14 N1080. September 2004.

...

Anchor
Murenin 07
Murenin 07

[Murenin 2007] Murenin, Constantine A. cnst: 10-Year-Old Pointer-Arithmetic Bug in make(1) Is Now Gone, Thanks to malloc.conf and Some Debugging. LiveJournal, June 2007.

Anchor
NASA-GB-1740.13
NASA-GB-1740.13

[NASA-GB-1740.13] NASA Glenn Research Center, Office of Safety Assurance Technologies. NASA Software Safety Guidebook  (NASA-GB-1740.13).

Anchor
Myers 2001
Myers 2001

[Myers, 2001]  Meyers, Randy.  The New C: X Macros.  Dr. Dobbs.  May 01, 2001

Anchor
NAI 98
NAI 98

[NAI 1998] Network Associates, Inc. Bugtraq: Network Associates Inc. Advisory (OpenBSD). 1998.

...

Anchor
Saks 07b
Saks 07b

[Saks 2007b] Saks, Dan. "Bail, Return, Jump, or . . . Throw?" Embedded Systems Design, March 2007.

...

Anchor
Summit 05
Summit 05

[Summit 2005] Summit, Steve. comp.lang.c Frequently Asked Questions . 2005.

Anchor
Sun
Sun
Anchor
Sun 93
Sun 93

[Sun 1993] Sun Microsystems. Sun Security Bulletin #00122 1993.

...