SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 31

changes.mady.by.user Aaron Ballman

Saved on

compared with

New Version 32

changes.mady.by.user Aaron Ballman

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Minor edits; reviewed

Section Subclause 7.27.3.1 of the C Standard [ISO/IEC 9899:2011] provides the following sample implementation of the asctime() function:

...

Code Block
bgColor#ccccff
langc
#define __STDC_WANT_LIB_EXT1__ 1
#include <time.h>
 
void func(void) {
  struct tm time_tm;
  const size_t maxsize = 26; /* or maximum size of time string */; 
  char buffer[maxsize];

  /* Initialize time_tm */
 
  if (asctime_s(buffer, maxsize, &time_tm)) {
    /* Handle error */
  }
}

...

Code Block
bgColor#ccccff
langc
#include <time.h>
 
void func(void) {
  struct tm time;
  const size_t maxsize = 26; /* or maximum size of time string */;
  char s[maxsize];
  const char *format = "%c"; /* current time representation for locale */
  const char *format = "%c";
  const struct tm *timeptr;

  size_t size = strftime(s, maxsize, format, timeptr);
}

...

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

MSC33-C

highHigh

likelyLikely

lowLow

P27

L1

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Related Guidelines

CERT C Secure Coding StandardMSC34-C. Do not use deprecated or obsolete functions

Bibliography

[ISO/IEC 9899:2011]Section Subclause 7.27.3.1, "The asctime Function"
[Open Group 2008]"asctime, asctime_r—Convert Date and Time to a String"

...