
Recommendations

STR00-C. Represent characters using an appropriate type

STR01-C. Adopt and implement a consistent plan for managing strings

STR02-C. Sanitize data passed to complex subsystems

STR03-C. Do not inadvertently truncate a null-terminated byte string

STR04-C. Use plain char for characters in the basic character set

STR05-C. Use pointers to const when referring to string literals

STR06-C. Do not assume that strtok() leaves the parse string unchanged

STR07-C. Use TR 24731 for remediation of existing string manipulation code

STR08-C. Use managed strings for development of new string manipulation code

STR09-C. Don't assume numeric values for expressions with type plain character

STR10-C. Do not concatenate different type of string literals

Rules

STR30-C. Do not attempt to modify string literals

STR31-C. Guarantee that storage for strings has sufficient space for character data and the null terminator

STR32-C. Null-terminate byte strings as required

STR33-C. Size wide character strings correctly

STR34-C. Cast characters to unsigned types before converting to larger integer sizes

STR35-C. Do not copy data from an unbounded source to a fixed-length array

STR36-C. Do not specify the bound of a character array initialized with a string literal

STR37-C. Arguments to character handling functions must be representable as an unsigned char

...

Information for Editors

To have a new guideline automatically listed under Recommendations, be sure to label it str and recommendation.

To have a new guideline automatically listed under Rules, be sure to label it str and rule.

Risk Assessment Summary

Recommendation  Severity  Likelihood  Remediation Cost  Priority  Level
STR00-C         medium    probable    low               P12       L1
STR01-C         low       unlikely    high              P1        L3
STR02-C         high      likely      medium            P18       L1
STR03-C         medium    probable    medium            P8        L2
STR04-C         low       unlikely    low               P3        L3
STR05-C         low       unlikely    low               P3        L3
STR06-C         medium    likely      medium            P12       L1
STR07-C         high      probable    medium            P12       L1
STR08-C         high      probable    high              P6        L2
STR09-C         low       unlikely    low               P3        L3
STR10-C         low       probable    medium            P4        L3

...