  • BSI
    PD ISO/IEC TS 17961:2013 Information technology. Programming languages, their environments and system software interfaces. C secure coding rules
    Edition: 2016
    $538.63
    / user per year

Description of PD ISO/IEC TS 17961:2013 2016

This Technical Specification specifies

  • rules for secure coding in the C programming language and

  • code examples.

This Technical Specification does not specify

  • the mechanism by which these rules are enforced or

  • any particular coding style to be enforced. (It has been impossible to develop a consensus on appropriate style guidelines. Programmers should define style guidelines and apply these guidelines consistently. The easiest way to consistently apply a coding style is with the use of a code formatting tool. Many interactive development environments provide such capabilities.)

Each rule in this Technical Specification is accompanied by code examples. Code examples are informative only and serve to clarify the requirements outlined in the normative portion of the rule. Examples impose no normative requirements.

Each rule in this Technical Specification that is based on undefined behavior defined in the C Standard identifies the undefined behavior by a numeric code. The numeric codes for undefined behaviors can be found in Annex B, Undefined Behavior.

Two distinct kinds of examples are provided:

  • noncompliant examples demonstrating language constructs that have weaknesses with potentially exploitable security implications; such examples are expected to elicit a diagnostic from a conforming analyzer for the affected language construct; and

  • compliant examples are expected not to elicit a diagnostic.

Examples are not intended to be complete programs. For brevity, they typically omit #include directives of C Standard Library headers that would otherwise be necessary to provide declarations of referenced symbols. Code examples may also declare symbols without providing their definitions if the definitions are not essential for demonstrating a specific weakness.

Some rules in this Technical Specification have exceptions. Exceptions are part of the specification of these rules and are normative.



About BSI

BSI Group, also known as the British Standards Institution, is the national standards body of the United Kingdom. BSI produces technical standards on a wide range of products and services and also supplies certification and standards-related services to businesses.
