123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581 |
- <?xml version="1.0" encoding="UTF-8"?>
- <!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
- "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd">
- <section id="safe_numerics.bibliography">
- <title>Bibliography</title>
- <bibliography>
- <biblioentry id="coker">
- <abbrev>Coker</abbrev>
- <author>
- <firstname>Zack</firstname>
- <surname>Coker</surname>
- </author>
- <author>
- <firstname>Samir</firstname>
- <surname>Hasan</surname>
- </author>
- <author>
- <firstname>Jeffrey</firstname>
- <surname>Overbey</surname>
- </author>
- <author>
- <firstname>Munawar</firstname>
- <surname>Hafiz</surname>
- </author>
- <author>
- <firstname>Christian</firstname>
- <surname>Kästner</surname>
- </author>
- <title>
- <ulink url="http://www.cert.org/secure-coding/publications/books/secure-coding-c-c-second-edition.cfm?">
- <ulink
- url="https://www.cs.cmu.edu/~ckaestne/pdf/csse14-01.pdf">Integers In
- C: An Open Invitation To Security Attacks?</ulink>
- </ulink>
- </title>
- <publishername>
- <ulink url="http://www.open-std.org/jtc1/sc22/wg21/">JTC1/SC22/WG21 -
- The C++ Standards Committee - ISOCPP</ulink>
- </publishername>
- <date>January 15, 2012</date>
- </biblioentry>
- <biblioentry id="cook">
- <abbrev>Cook</abbrev>
- <author>
- <firstname>John D.</firstname>
- <surname>Cook</surname>
- </author>
- <title>
- <ulink
- url="https://www.johndcook.com/blog/ieee_exceptions_in_cpp/">IEEE
- floating-point exceptions in C++</ulink>
- </title>
- </biblioentry>
- <biblioentry id="crowl">
- <abbrev>Crowl</abbrev>
- <author>
- <firstname>Lawrence</firstname>
- <surname>Crowl</surname>
- </author>
- <title>
- <ulink url="http://www.cert.org/secure-coding/publications/books/secure-coding-c-c-second-edition.cfm?">
- <ulink
- url="http://www.open-std.org/jtc1/sc22/wg21/docs/papers/2012/n3352.html">C++
- Binary Fixed-Point Arithmetic</ulink>
- </ulink>
- </title>
- <publishername>
- <ulink url="http://www.open-std.org/jtc1/sc22/wg21/">JTC1/SC22/WG21 -
- The C++ Standards Committee - ISOCPP</ulink>
- </publishername>
- <date>January 15, 2012</date>
- </biblioentry>
- <biblioentry id="crowl2">
- <abbrev>Crowl & Ottosen</abbrev>
- <author>
- <firstname>Lawrence</firstname>
- <surname>Crowl</surname>
- </author>
- <author>
- <surname>Thorsten Ottosen</surname>
- </author>
- <title>
- <ulink url="http://www.cert.org/secure-coding/publications/books/secure-coding-c-c-second-edition.cfm?">
- <ulink
- url="http://www.open-std.org/jtc1/sc22/wg21/docs/papers/2006/n1962.html">Proposal
- to add Contract Programming to C++</ulink>
- </ulink>
- </title>
- <publishername>
- <ulink url="http://www.open-std.org/jtc1/sc22/wg21/">WG21/N1962 and
- J16/06-0032 - The C++ Standards Committee - ISOCPP</ulink>
- </publishername>
- <date>February 25, 2006</date>
- </biblioentry>
- <biblioentry id="dietz">
- <abbrev>Dietz</abbrev>
- <author>
- <firstname>Will</firstname>
- <surname>Dietz</surname>
- </author>
- <author>
- <firstname>Peng</firstname>
- <surname>Li</surname>
- </author>
- <author>
- <firstname>John</firstname>
- <surname>Regehr</surname>
- </author>
- <author>
- <firstname>Vikram</firstname>
- <surname>Adve</surname>
- </author>
- <title>
- <ulink
- url="http://www.cs.utah.edu/~regehr/papers/overflow12.pdf">Understanding
- Integer Overflow in C/C++</ulink>
- </title>
- <publishername>
- <ulink
- url="http://dl.acm.org/citation.cfm?id=2337223&picked=prox">Proceedings
- of the 34th International Conference on Software Engineering (ICSE),
- Zurich, Switzerland</ulink>
- </publishername>
- <date>June 2012</date>
- </biblioentry>
- <biblioentry id="garcia">
- <abbrev>Garcia</abbrev>
- <author>
- <firstname>J. Daniel</firstname>
- <surname>Garcia</surname>
- </author>
- <title>
- <ulink url="http://www.cert.org/secure-coding/publications/books/secure-coding-c-c-second-edition.cfm?">
- <ulink
- url="http://www.open-std.org/jtc1/sc22/wg21/docs/papers/2014/n4293.pdf">C++
- language support for contract programming</ulink>
- </ulink>
- </title>
- <publishername>
- <ulink url="http://www.open-std.org/jtc1/sc22/wg21/">WG21/N4293 - The
- C++ Standards Committee - ISOCPP</ulink>
- </publishername>
- <date>December 23, 2014</date>
- </biblioentry>
- <biblioentry id="goldberg">
- <abbrev>Goldberg</abbrev>
- <author>
- <firstname>David</firstname>
- <surname>Goldberg</surname>
- </author>
- <title>
- <ulink
- url="https://docs.oracle.com/cd/E19957-01/806-3568/ncg_goldberg.html">What
- Every Computer Scientist Should Know About Floating-Point
- Arithmetic</ulink>
- </title>
- <publishername>
- <ulink url="https://csur.acm.org/index.cfm">ACM Computing
- Surveys</ulink>
- </publishername>
- <date>March, 1991</date>
- </biblioentry>
- <biblioentry id="katz">
- <abbrev>Katz</abbrev>
- <author>
- <firstname>Omer</firstname>
- <surname>Katz</surname>
- </author>
- <title>
- <ulink
- url="http://www.cert.org/secure-coding/publications/books/secure-coding-c-c-second-edition.cfm?">SafeInt
- code proposal</ulink>
- </title>
- <publishername>
- <ulink
- url="https://groups.google.com/a/isocpp.org/forum/?fromgroups#!forum/std-proposals">Boost
- Developer's List</ulink>
- </publishername>
- <abstract>
- <para>Posts of various authors regarding a proposed SafeInt library
- for boost</para>
- </abstract>
- </biblioentry>
- <biblioentry id="keaton">
- <author>
- <firstname>David</firstname>
- <surname>Keaton</surname>
- </author>
- <author>
- <firstname>Thomas</firstname>
- <surname>Plum</surname>
- </author>
- <author>
- <firstname>Robert</firstname>
- <othername>C.</othername>
- <surname>Seacord</surname>
- </author>
- <author>
- <firstname>David</firstname>
- <surname>Svoboda</surname>
- </author>
- <author>
- <firstname>Alex</firstname>
- <surname>Volkovitsky</surname>
- </author>
- <author>
- <firstname>Timothy</firstname>
- <surname>Wilson</surname>
- </author>
- <title>
- <ulink url="http://www.cert.org/secure-coding/publications/books/secure-coding-c-c-second-edition.cfm?">
- <ulink
- url="http://resources.sei.cmu.edu/asset_files/TechnicalNote/2009_004_001_15074.pdf">As-if
- Infinitely Ranged Integer Model</ulink>
- </ulink>
- </title>
- <publishername>
- <ulink url="http://www.sei.cmu.edu">Software Engineering
- Institute</ulink>
- </publishername>
- <volumenum>CMU/SEI-2009-TN-023</volumenum>
- <abstract>
- <para>Presents a model for addressing integer overflow errors.</para>
- </abstract>
- </biblioentry>
- <biblioentry id="leblanc1">
- <abbrev>LeBlanc</abbrev>
- <author>
- <firstname>David</firstname>
- <surname>LeBlanc</surname>
- </author>
- <title>
- <ulink
- url="https://msdn.microsoft.com/en-us/library/ms972705.aspx">Integer
- Handling with the C++ SafeInt Class</ulink>
- </title>
- <publishername>
- <ulink url="https://www.cert.org">Microsoft Developer Network</ulink>
- </publishername>
- <date>January 7, 2004</date>
- </biblioentry>
- <biblioentry id="leblanc2">
- <abbrev>LeBlanc</abbrev>
- <author>
- <firstname>David</firstname>
- <surname>LeBlanc</surname>
- </author>
- <title>
- <ulink url="https://safeint.codeplex.com">SafeInt</ulink>
- </title>
- <publishername>
- <ulink url="https://www.cert.org">CodePlex</ulink>
- </publishername>
- <date>Dec 3, 2014</date>
- </biblioentry>
- <biblioentry id="lions">
- <abbrev>Lions</abbrev>
- <author>
- <firstname>Jacques-Louis</firstname>
- <surname>Lions</surname>
- </author>
- <title>
- <ulink
- url="https://en.wikisource.org/wiki/Ariane_501_Inquiry_Board_report">Ariane
- 501 Inquiry Board report</ulink>
- </title>
- <publishername>
- <ulink
- url="https://en.wikisource.org/wiki/Main_Page">Wikisource</ulink>
- </publishername>
- <date>July 19, 1996</date>
- </biblioentry>
- <biblioentry id="matthews">
- <abbrev>Matthews</abbrev>
- <author>
- <firstname>Hubert</firstname>
- <surname>Matthews</surname>
- </author>
- <title>
- <ulink url="https://accu.org/index.php/journals/324">CheckedInt: A
- Policy-Based Range-Checked Integer</ulink>
- </title>
- <publishername>
- <ulink url="https://accu.org/index.php">Overload Journal #58</ulink>
- </publishername>
- <date>December 2003</date>
- </biblioentry>
- <biblioentry id="mouawad">
- <abbrev>Mouawad</abbrev>
- <author>
- <firstname>Jad</firstname>
- <surname>Mouawad</surname>
- </author>
- <title>
- <ulink url="http://www.cert.org/secure-coding/publications/books/secure-coding-c-c-second-edition.cfm?">
- <ulink
- url="http://www.nytimes.com/2015/05/01/business/faa-orders-fix-for-possible-power-loss-in-boeing-787.html?_r=0">F.A.A
- Orders Fix for Possible Power Loss in Boeing 787</ulink>
- </ulink>
- </title>
- <publishername>New York Times</publishername>
- <date>April 30, 2015</date>
- <abstract>
- <para>Federal regulators will order operators of Boeing 787
- Dreamliners to shut down the plane’s electrical power periodically
- after Boeing discovered a software error that could result in a total
- loss of power.</para>
- </abstract>
- </biblioentry>
- <biblioentry id="plakosh">
- <abbrev>Plakosh</abbrev>
- <author>
- <firstname>Daniel</firstname>
- <surname>Plakosh</surname>
- </author>
- <title>
- <ulink
- url="https://buildsecurityin.us-cert.gov/bsi/articles/knowledge/coding/312-BSI.html">Safe
- Integer Operations</ulink>
- </title>
- <publishername>
- <ulink url="https://buildsecurityin.us-cert.gov">U.S. Department of
- Homeland Security</ulink>
- </publishername>
- <date>May 10, 2013</date>
- </biblioentry>
- <biblioentry id="seacord1">
- <abbrev>Seacord</abbrev>
- <author>
- <firstname>Robert C.</firstname>
- <surname>Seacord</surname>
- </author>
- <title>
- <ulink
- url="http://www.cert.org/secure-coding/publications/books/secure-coding-c-c-second-edition.cfm?">Secure
- Coding in C and C++</ulink>
- </title>
- <edition>2nd Edition</edition>
- <publishername>Addison-Wesley Professional</publishername>
- <date>April 12, 2013</date>
- <isbn>978-0321822130</isbn>
- </biblioentry>
- <biblioentry id="seacord2">
- <abbrev>INT30-C</abbrev>
- <author>
- <firstname>Robert C.</firstname>
- <surname>Seacord</surname>
- </author>
- <title>
- <ulink
- url="https://www.securecoding.cert.org/confluence/display/seccode/INT32-C.+Ensure+that+operations+on+signed+integers+do+not+result+in+overflow?showComments=false">INT30-C.
- Ensure that operations on unsigned integers do not wrap</ulink>
- </title>
- <publishername>
- <ulink url="https://www.cert.org">Software Engineering Institute,
- Carnegie Mellon University</ulink>
- </publishername>
- <date>August 17, 2014</date>
- </biblioentry>
- <biblioentry id="seacord3">
- <abbrev>INT32-C</abbrev>
- <author>
- <firstname>Robert C.</firstname>
- <surname>Seacord</surname>
- </author>
- <title>
- <ulink
- url="https://www.securecoding.cert.org/confluence/display/c/INT30-C.+Ensure+that+unsigned+integer+operations+do+not+wrap">INT32-C.
- Ensure that operations on signed integers do not result in
- overflow</ulink>
- </title>
- <publishername>
- <ulink url="https://www.cert.org">Software Engineering Institute,
- Carnegie Mellon University</ulink>
- </publishername>
- <date>August 17, 2014</date>
- </biblioentry>
- <biblioentry id="stone">
- <abbrev>Stone</abbrev>
- <author>
- <firstname>David</firstname>
- <surname>Stone</surname>
- </author>
- <title>
- <ulink url="http://doublewise.net/c++/bounded/">C++ Bounded Integer
- Library</ulink>
- </title>
- </biblioentry>
- <biblioentry id="stroustrup">
- <abbrev>Stroustrup</abbrev>
- <author>
- <firstname>Bjarn</firstname>
- <surname>Stroustrup</surname>
- </author>
- <title>The C++ Programming Language</title>
- <edition>Fourth Edition</edition>
- <publishername>
- <ulink
- url="http://www.open-std.org/jtc1/sc22/wg21/">Addison-Wesley</ulink>
- </publishername>
- <copyright>
- <year>2014 by Pearson Education, Inc.</year>
- </copyright>
- <date>January 15, 2012</date>
- </biblioentry>
- <biblioentry id="forum">
- <abbrev>Forum</abbrev>
- <author>
- <surname>Forum Posts</surname>
- </author>
- <title>
- <ulink url="http://www.cert.org/secure-coding/publications/books/secure-coding-c-c-second-edition.cfm?">
- <ulink
- url="http://www.open-std.org/jtc1/sc22/wg21/docs/papers/2012/n3352.html">C++
- Binary Fixed-Point Arithmetic</ulink>
- </ulink>
- </title>
- <publishername>
- <ulink
- url="https://groups.google.com/a/isocpp.org/forum/?fromgroups#!forum/std-proposals">ISO
- C++ Standard Future Proposals</ulink>
- </publishername>
- <abstract>
- <para>Posts of various authors regarding proposal to add safe integer
- to C++ standard libraries</para>
- </abstract>
- </biblioentry>
- </bibliography>
- </section>
|