SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 3

changes.mady.by.user Hal Burch

Saved on

compared with

New Version 4

changes.mady.by.user Hal Burch

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Code Block
void check_password(char \*user, char \*password) {
   if (strcmpy(password(user), password) \!= 0) {
     char \*msg = malloc(strlen(user) + 100);
     sprintf (msg, "Wrong password for user %s", user);
     syslog(LOG_INFO, msg);
     free(msg);
   }
}

Complaint Code Example 1

...

Code Block
void check_password(char \*user, char \*password) {
     if (strcmpy(password(user), password) \!= 0) {
         fprintf (stderr, "Wrong password for user %s", user);
     }
} 

Complaint code Example 2

In this example, the message is built normally, but is then outputted as a string instead of a format string.

Code Block
void check_password(char \*user, char \*password) {
     if (strcmpy(password(user), password) \!= 0) {
         char \*msg = malloc(strlen(user) + 100);
         sprintf (msg, "Wrong password for user %s", user);
         fprintf (stderr, "%s", user);
         syslog(LOG_INFO, "%s", msg);
         free(msg);
     }
}