SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 117

changes.mady.by.user Jill Britton

Saved on

compared with

New Version Current

changes.mady.by.user Francesco Mariani

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

According to the C Standard, 7.4.1 paragraph 1 [ISO/IEC 9899:20112024],

The header <ctype.h> declares several functions useful for classifying and mapping characters. In all cases the argument is an int, the value of which shall be representable as an unsigned char or shall equal the value of the macro EOF. If the argument has any other value, the behavior is undefined.

See also undefined behavior 113112.

This rule is applicable only to code that runs on platforms where the char data type is defined to have the same range, representation, and behavior as signed char.

...

Passing values to character handling functions that cannot be represented as an unsigned char to character handling functions is undefined behavior 112.

Rule

Severity

Likelihood

Detectable

Remediation CostRepairable

Priority

Level

STR37-C

Low

Unlikely

Yes

LowYes

P3

L3

Automated Detection

PRQA QA-C

Tool

Version

Checker

Description

Astrée
Include Page
Astrée_V
Astrée_V
ctype-limitsPartially checked
Axivion Bauhaus Suite

Include Page
Axivion Bauhaus Suite_V
Axivion Bauhaus Suite_V

CertC-STR37Fully implemented
CodeSonar
Include Page
CodeSonar_V
CodeSonar_V
MISC.NEGCHARNegative character value
Compass/ROSE

Could detect violations of this rule by seeing if the argument to a character handling function (listed above) is not an unsigned char

ECLAIR

Include Page
ECLAIR_V
ECLAIR_V

CC2.STR37

Fully implemented

Helix QAC

Include Page
Helix QAC_V
Helix QAC_V

C4413, C4414

C++3051

DF2796, DF2797, DF2798, DF2799


Klocwork
Include Page
Klocwork_V
Klocwork_V
AUTOSAR.STDLIB.CCTYPE.UCHAR
MISRA.ETYPE.ASSIGN.2012


LDRA tool suite
Include Page
LDRA_V
LDRA_V
663 SFully implemented
Parasoft C/C++test

Include Page
Parasoft_V
Parasoft_V

CERT_C-STR37-aDo not pass incorrect values to ctype.h library functions
Polyspace Bug Finder

Include Page
Polyspace Bug Finder_V
Polyspace Bug Finder_V

CERT C: Rule STR37-C

Checks for invalid use of standard library integer routine (rule fully covered)

RuleChecker

Include Page
RuleChecker_V
RuleChecker_V

ctype-limitsPartially checked
Security Reviewer - Static Reviewer

Include Page
Security Reviewer - Static Reviewer_V
Security Reviewer - Static Reviewer_V

UNSAFE_01Fully implementedPRQA QA-C_vPRQA QA-C_v4413, 4414Fully implemented PRQA QA-C++
Include Page
cplusplus:PRQA QA-C++_Vcplusplus:PRQA QA-C++_V3051 RuleChecker
Include Page
RuleChecker_VRuleChecker_Vctype-limitsPartially checked
TrustInSoft Analyzer

Include Page
TrustInSoft Analyzer_V
TrustInSoft Analyzer_V

valid_charPartially verified.

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

...

Bibliography

[ISO/IEC 9899:20112024]7.4.1, "Character Handling <ctype.h>"
[Kettlewell 2002]Section 1.1, "<ctype.h> and Characters Types"

...