CERT

Related Publications


Ranged Integers and Saturation Semantics 

Robert C. Seacord
CERT/CC
Carnegie Mellon University

January 18th, 2007

Available on-line at:  The Art of Software Security Assessment

Integral Security

Robert C. Seacord
CERT/CC
Carnegie Mellon University

November 3, 2006

Available on-line at:  Dr. Dobb's Portal

Secure Coding in C and C++: Of Strings and Integers

Robert C. Seacord
CERT/CC
Carnegie Mellon University

IEEE Security and Privacy, vol. 4, no. 1, pp. 74-76, January/February 2006.


Validating C and C++ For Safety and Security
A structured approach to manual code review

Robert C. Seacord
CERT/CC
Carnegie Mellon University

C/C++ Users Journal, February 2006

Available on-line at Developer::Security Pipeline


Secure Coding in C and C++: C-Style Strings

Robert C. Seacord
CERT/CC
Carnegie Mellon University

news@sei  Issue: 2006 | 1


Wide-Character Format String Vulnerabilities
Strategies for handling format string weaknesses

Robert C. Seacord
CERT/CC
Carnegie Mellon University

Dr. Dobb's Journal. San Mateo: Dec 2005. Vol. 30, Iss. 12; p. 63-66.


Secure Coding in C and C++
An interview with Robert Seacord, senior vulnerability analyst at CERT

Ibrahim Haddad
Strategic Program Manager
Open Source Development Labs

Linux World Magazine.  November, 2005.

PDF File [0.23MB]


Managed String Library for C

Robert C. Seacord
CERT/CC
Carnegie Mellon University

C/C++ Users Journal. Vol. 23, No. 10. Pages 30-34. October 2005. 



Variadic Functions
How they contribute to security vulnerabilities and how to fix them

Robert C. Seacord
CERT/CC
Carnegie Mellon University

Linux World Magazine.  November, 2005.

PDF File [0.18MB]


Information Technology —
Programming languages, their environments and system software
interfaces —
Specification for Managed Strings —

Dr. Fred Long
Department of Computer Science
University of Wales, Aberystwyth

Robert C. Seacord
CERT/CC
Carnegie Mellon University

ISO/IEC C - Document register.  Pre Mt. Tremblant mailing

PDF File [0.95MB]


A Structured Approach to Classifying Security Vulnerabilities
Robert C. Seacord
Allen Householder

Technical Note
CMU/SEI-2005-TN-003

PDF File [0.57MB]
HTML File



More to come...


Last updated November 29, 2006