icon-carat-right menu search cmu-wordmark
Carnegie Mellon University

Specifications for Managed Strings, Second Edition

Technical Report
By
In this report, the authors describe a managed string library for the C programming language.
Publisher

Software Engineering Institute

CMU/SEI Report Number
CMU/SEI-2010-TR-018
DOI (Digital Object Identifier)
10.1184/R1/6584285.v1
Topic or Tag

Abstract

This report describes a managed string library for the C programming language. Many software vulnerabilities in C programs result from the misuse of manipulation functions for standard C strings. Programming errors common to string-manipulation logic include buffer overflow, truncation errors, string termination errors, and improper data sanitization. The managed string library provides mechanisms to eliminate or mitigate these problems and improve system security. The CERT Program, which is part of the Carnegie Mellon Software Engineering Institute, provides a proof-of-concept implementation of the managed string library on its Secure Coding web pages.

SHARE
Download PDF
Cite This Technical Report

Burch, H., Long, F., Rungta, R., Seacord, R., & Svoboda, D. (2010, May 1). Specifications for Managed Strings, Second Edition. (Technical Report CMU/SEI-2010-TR-018). Retrieved November 21, 2024, from https://doi.org/10.1184/R1/6584285.v1.

@techreport{burch_2010,
author={Burch, Hal and Long, Fred and Rungta, Raunak and Seacord, Robert and Svoboda, David},
title={Specifications for Managed Strings, Second Edition},
month={{May},
year={{2010},
number={{CMU/SEI-2010-TR-018},
howpublished={Carnegie Mellon University, Software Engineering Institute's Digital Library},
url={https://doi.org/10.1184/R1/6584285.v1},
note={Accessed: 2024-Nov-21}
}

Burch, Hal, Fred Long, Raunak Rungta, Robert Seacord, and David Svoboda. "Specifications for Managed Strings, Second Edition." (CMU/SEI-2010-TR-018). Carnegie Mellon University, Software Engineering Institute's Digital Library. Software Engineering Institute, May 1, 2010. https://doi.org/10.1184/R1/6584285.v1.

H. Burch, F. Long, R. Rungta, R. Seacord, and D. Svoboda, "Specifications for Managed Strings, Second Edition," Carnegie Mellon University, Software Engineering Institute's Digital Library. Software Engineering Institute, Technical Report CMU/SEI-2010-TR-018, 1-May-2010 [Online]. Available: https://doi.org/10.1184/R1/6584285.v1. [Accessed: 21-Nov-2024].

Burch, Hal, Fred Long, Raunak Rungta, Robert Seacord, and David Svoboda. "Specifications for Managed Strings, Second Edition." (Technical Report CMU/SEI-2010-TR-018). Carnegie Mellon University, Software Engineering Institute's Digital Library, Software Engineering Institute, 1 May. 2010. https://doi.org/10.1184/R1/6584285.v1. Accessed 21 Nov. 2024.

Burch, Hal; Long, Fred; Rungta, Raunak; Seacord, Robert; & Svoboda, David. Specifications for Managed Strings, Second Edition. CMU/SEI-2010-TR-018. Software Engineering Institute. 2010. https://doi.org/10.1184/R1/6584285.v1

Ask a question about this Technical Report