Page 6 of 31. Showing 310 results (0.027 seconds)
API02-C. Functions that read or write to or from an array should take an argument to specify the source or target size
Standard, subclause 7.24 [ISO/IEC 9899:2011]: char *strncpy(char * restrict s1, const char * restrict s2, size_t n); char *strncat(char * restrict s1, const char … , size_t s1count, const char * restrict s2, size_t s2count, size_t n); char *improved_strncat(char * restrict s1, size_t s1count, const char * restrict s2, size_tMSC24-C. Do not use deprecated or obsolescent functions
{ BUFSIZE = 32 }; void complain(const char *msg) { static const char prefix[] = "Error: "; static const char suffix[] = "\n"; char buf[BUFSIZE]; strcpy(buf … by strcat_s() and strcpy_s(): #define __STDC_WANT_LIB_EXT1__ #include <string.h> #include <stdio.h> enum { BUFFERSIZE = 256 }; void complain(const char *msgSTR32-C. Do not pass a non-null-terminated character sequence to a library function that expects a string
{ STR_SIZE = 32 }; size_t func(const char *source) { char c_str[STR_SIZE]; size_t ret = 0; if (source) { c_str[sizeof(c_str) - 1] = '\0 … ) This compliant solution is correct if the programmer's intent is to truncate the string: #include <string.h enum { STR_SIZE = 32 }; size_t func(const charDCL30-C. Declare objects with appropriate storage durations
, but it is invalid for c_str to go out of scope while p holds its address, as happens at the end of dont_do_this(). #include <stdio.h> const char *p; void dont_do_this(void) { const char c_str[] = "This will change"; p = c_str; /* Dangerous */ } void innocuous(void) { printf("%s\n", p); } int main(void) { dont_do_thisFIO30-C. Exclude user input from format strings
to stderr using the C Standard fprintf() function. #include <stdio.h> #include <stdlib.h> #include <string.h> void incorrect_password(const char *user) { int ret; /* User names are restricted to 256 or fewer characters */ static const char msg_format[] = "%s cannot be authenticated.\n"; size_t len = strlenDCL51-CPP. Do not declare or define a reserved identifier
the underscore prefix are reserved for future library implementations. #include <cstddef> unsigned int operator"" x(const char *, std::size_t); Compliant Solution (User … int operator"" _x(const char *, std::size_t); The name of the user-defined literal is operator"" _x and not _x, which would have otherwise been reservedAPI01-C. Avoid laying out strings in memory directly before sensitive data
. Noncompliant Code Example This noncompliant code example stores a set of strings using a linked list: const size_t String_Size = 20; struct node_s { char name … . Compliant Solution This compliant solution creates a linked list of strings but stores the next pointer before the string: const size_t String_Size = 20CTR58-CPP. Predicate function objects should not be mutable
values, or wrap the predicate function object in a std::reference_wrapper<T> (or an equivalent solution). Marking the function call operator as const is beneficial, but insufficient, because data members with the mutable storage class specifier may still be modified within a const member function. NoncompliantSTR11-C. Do not specify the bound of a character array initialized with a string literal
(counting the terminating '\0') than the array can hold: const char s[3] = "abc"; The size of the array s is 3, although the size of the string literal is 4 … storage to store the entire string literal, including the terminating null character. const char s[] = "abc"; This approach is preferred because the sizeEXP32-C. Do not access a volatile object through a nonvolatile reference
Parasoft C/C++test Parasoft_V CERT_C-EXP32-a A cast shall not remove any 'const' or 'volatile' qualification from the type of a pointer or reference … to pointer that removes const or volatile qualification (rule fully covered) RuleChecker RuleChecker_V pointer-qualifier-cast-volatile pointer-qualifier-cast