The C Standard defines octal constants as a 0 followed by octal digits (0 1 2 3 4 5 6 7). Programming errors can occur when decimal values are mistakenly specified as octal constants.
Noncompliant Code Example
In this noncompliant code example, a decimal constant is mistakenly prefaced with zeros so that all the constants are a fixed length:
i_array[0] = 2719; i_array[1] = 4435; i_array[2] = 0042;
Although it may appear that i_array[2]
is assigned the decimal value 42, it is actually assigned the decimal value 34.
Compliant Solution
To avoid using wrong values and to make the code more readable, do not preface constants with zeroes if the value is meant to be decimal:
i_array[0] = 2719; i_array[1] = 4435; i_array[2] = 42;
Risk Assessment
Misrepresenting decimal values as octal can lead to incorrect comparisons and assignments.
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
---|---|---|---|---|---|
DCL18-C | Low | Unlikely | Low | P3 | L3 |
Automated Detection
Tool | Version | Checker | Description |
Astrée | 24.04 | octal-constant | Fully checked |
Axivion Bauhaus Suite | 7.2.0 | CertC-DCL18 | |
CodeSonar | 8.1p0 | LANG.TYPE.OC | Octal constant |
Helix QAC | 2024.4 | C0339, C1272 | |
Klocwork | 2024.4 | MISRA.TOKEN.OCTAL.ESCAPE MISRA.TOKEN.OCTAL.INT | |
LDRA tool suite | 9.7.1 | 83 S | Fully Implemented |
Parasoft C/C++test | 2023.1 | CERT_C-DCL18-a | Octal and hexadecimal escape sequences shall be terminated |
PC-lint Plus | 1.4 | 9001 | Fully supported |
Polyspace Bug Finder | R2024a | CERT C: Rec. DCL18-C | Checks for use of octal constants (rec. fully covered) |
PVS-Studio | 7.34 | V536 | |
RuleChecker | 24.04 | octal-constant | Fully checked |
SonarQube C/C++ Plugin | 3.11 | OctalConstantAndSequence |
Related Guidelines
MISRA C:2012 | Rule 7.1 (required) |
4 Comments
David Svoboda
Victor, this looks like a good rule to work on. Comments:
Robert Seacord
I'm wondering how we can make this more enforceable. The NCE shows decimal constants and octal constants being assigned to different elements of an array. It would be easier to enforce that constraint. Also, we could insist that for any given variable, it can only be assigned and or compared to decimal or octal constants but not both. Opinions?
David Svoboda
You're talking as if decimal and octoal ints were actually two different types. That is, conversions between one and the other should be explicit. Sounds like a good idea to me. C99 doesn't distinguish them, of course, but a SA tool could.
Martin Sebor
I think that would lead to large numbers of false positives. For example, it's not uncommon to define
INT_MAX
to a decimal number (e.g.,2147483647
) butUINT_MAX
to hexadecimal (e.g.,0xffffffff
).