search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Specifications for Managed Strings

Technical Report
By
This report has been superseded by Specifications for Managed Strings, Second Edition (CMU/SEI-2010-TR-018).
Publisher

Software Engineering Institute

CMU/SEI Report Number
CMU/SEI-2006-TR-006
Subjects

Abstract

This report describes a managed string library for the C programming language. Many software vulnerabilities in C programs result from the misuse of standard C string manipulation functions. Programming errors common to string manipulation logic include buffer overflow, truncation errors, string termination errors, and improper data sanitation. The managed string library provides mechanisms to eliminate or mitigate these problems and improve system security. A proof-of-concept implementation of the managed string library is available from the Secure Coding area of the CERT Web site.

This report has been superseded by Specifications for Managed Strings, Second Edition (CMU/SEI-2010-TR-018).

SHARE
Download PDF
Cite This Technical Report

Burch, H., Long, F., & Seacord, R. (2006, May 1). Specifications for Managed Strings. (Technical Report CMU/SEI-2006-TR-006). Retrieved April 23, 2024, from https://insights.sei.cmu.edu/library/specifications-for-managed-strings/.

@techreport{burch_2006,
author={Burch, Hal and Long, Fred and Seacord, Robert},
title={Specifications for Managed Strings},
month={May},
year={2006},
number={CMU/SEI-2006-TR-006},
howpublished={Carnegie Mellon University, Software Engineering Institute's Digital Library},
url={https://insights.sei.cmu.edu/library/specifications-for-managed-strings/},
note={Accessed: 2024-Apr-23}
}

Burch, Hal, Fred Long, and Robert Seacord. "Specifications for Managed Strings." (CMU/SEI-2006-TR-006). Carnegie Mellon University, Software Engineering Institute's Digital Library. Software Engineering Institute, May 1, 2006. https://insights.sei.cmu.edu/library/specifications-for-managed-strings/.

H. Burch, F. Long, and R. Seacord, "Specifications for Managed Strings," Carnegie Mellon University, Software Engineering Institute's Digital Library. Software Engineering Institute, Technical Report CMU/SEI-2006-TR-006, 1-May-2006 [Online]. Available: https://insights.sei.cmu.edu/library/specifications-for-managed-strings/. [Accessed: 23-Apr-2024].

Burch, Hal, Fred Long, and Robert Seacord. "Specifications for Managed Strings." (Technical Report CMU/SEI-2006-TR-006). Carnegie Mellon University, Software Engineering Institute's Digital Library, Software Engineering Institute, 1 May. 2006. https://insights.sei.cmu.edu/library/specifications-for-managed-strings/. Accessed 23 Apr. 2024.

Burch, Hal; Long, Fred; & Seacord, Robert. Specifications for Managed Strings. CMU/SEI-2006-TR-006. Software Engineering Institute. 2006. https://insights.sei.cmu.edu/library/specifications-for-managed-strings/

Ask a question about this Technical Report