...
Null-terminated byte strings are implemented as arrays of characters and are susceptible to the same problems as arrays. As a result, rules and recommendations for arrays should also be applied to null-terminated byte strings.
The C standard uses the general philosophy outlined below for choosing character types, though it is not explicitly stated in one place.
signed char and unsigned char:
- Can be used for small integer values.
"plain" char:
- The type of a character constant.
- The type of each element of a string literal.
- Used for character data (where signedness has little meaning) as opposed to integer data.
int:
- Used for data that could be either EOF (a negative value) or character data interpreted as
unsigned charand then converted toint. - Therefore, returned by
fgetc(),getc(),getchar(), andungetc(). - Therefore, accepted by the character handling functions (from
<ctype.h>), because they might be passed the result offgetc()et al.
unsigned char:
- Used internally for string comparison functions, even though these operate on character data. Therefore, the result of a string comparison does not depend on whether plain
charis signed or not. - Used for situations where the object being manipulated might be of any type, and it is necessary to access all bits of that object, as with
fwrite().
Recommendations
STR00-A. Use TR 24731 for remediation of existing string manipulation code
...