Information Technology: Programming Languages, Their Environments and System Software Interfaces: Specification for Managed Strings

August 19, 2005 • White Paper

By

Fred Long and Robert C. Seacord

In this paper, the authors present a standard specification for managed strings.

Publisher

Software Engineering Institute

Topic or Tag

Abstract

Many vulnerabilities in C programs arise through the use of the standard C string manipulating functions. String manipulation errors include buffer overflow through string copying, truncation errors, termination errors and improper data sanitization.

Version 1.3, submitted as part of the ISO/IET JTC1 SC22 WG14 N1132, August 2005