...
In cases where the string is meant to be modified, use initialization instead of assignment. In this compliant solution, c is a modifiable wchar_t array which array that has been initialized using the contents of the corresponding string literal.
...
Tool | Version | Checker | Description | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|
Compass/ROSE |
|
|
| |||||||||
| 157 S | Partially implementedCompass/ROSE | ||||||||||
|
|
| PRQA QA-C |
| 0752 0753 | Partially implemented |
...
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Related Guidelines
ISO/IEC 9899:2011 Section 6.7.9, "Initialization"
Bibliography
| [Corfield 1993] | |
| [Lockheed Martin 2005] | AV Rule 151.1 |
...