ISO/IEC TR 24772-3:2020 编程语言 编程语言中避免漏洞的指南 第3部分：C

标准编号：ISO/IEC TR 24772-3:2020

中文名称：编程语言 编程语言中避免漏洞的指南 第3部分：C

英文名称：Programming languages — Guidance to avoiding vulnerabilities in programming languages — Part 3: C

发布日期：2020-05

标准范围

本文件规定了在安全、安全、任务关键型和业务关键型软件需要有保证的行为的系统开发中应避免的软件编程语言漏洞。一般而言，本指南适用于为任何应用程序开发、审查或维护的软件。本文档描述了ISO/IEC TR 24772-1中列出的漏洞在C语言中表现或避免的方式。

This document specifies software programming language vulnerabilities to be avoided in the development of systems where assured behaviour is required for security, safety, mission-critical and business-critical software. In general, this guidance is applicable to the software developed, reviewed, or maintained for any application.
This document describes the way that the vulnerabilities listed in ISO/IEC TR 24772-1 are manifested or avoided in the C language.

标准预览图