标准摘要
[中文适用范围]: 本文件规定了软件编程语言漏洞,这些漏洞在开发 assured behaviour(保证行为)要求下使用的系统时应避免。通常,此指南适用于任何应用程序开发、审查或维护的软件。本文档描述了 ISO/IEC TR 24772-1 中列出的漏洞在 C 语言中是如何表现或避免的。 [外文原描述]: This document specifies software programming language vulnerabilities to be avoided in the development of systems where assured behaviour is required for security, safety, mission-critical and business-critical software. In general, this guidance is applicable to the software developed, reviewed, or maintained for any application. This document describes the way that the vulnerabilities listed in ISO/IEC TR 24772-1 are manifested or avoided in the C language.
英文名称Programming languages - Guidance to avoiding vulnerabilities in programming languages - Part 3: C