...
See also undefined behavior 113112.
This rule is applicable only to code that runs on platforms where the char data type is defined to have the same range, representation, and behavior as signed char.
...
Passing values that cannot be represented as an unsigned char to character handling functions is undefined behavior 112.
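The following C program is an added example, not code from the CERT page. It shows why a byte such as 0xE9 breaks the character handling precondition on signed-char platforms and how the cast to unsigned char restores it. The helper names and the sample bytes are constructed for illustration, and the 0xFF case assumes EOF is -1.

```c
#include <ctype.h>
#include <limits.h>
#include <stdio.h>

/* Constructed sample: space, tab, 0xE9, 't', 0xFF (Latin-1 style bytes). */
static const char SAMPLE[] = " \t\xE9t\xFF";

/* <ctype.h> precondition: argument is EOF or representable as unsigned char. */
static int ctype_arg_ok(int c)
{
    return c == EOF || (c >= 0 && c <= UCHAR_MAX);
}

/* Models the value a signed-char platform passes when a plain char holding
 * this byte is promoted to int without a cast (hypothetical helper). */
static int promoted_as_signed(unsigned char byte)
{
    return byte > SCHAR_MAX ? (int)byte - (UCHAR_MAX + 1) : (int)byte;
}

/* Compliant use: convert to unsigned char before the promotion to int. */
static size_t count_leading_space(const char *s)
{
    size_t n = 0;
    while (s[n] != '\0' && isspace((unsigned char)s[n]))
        n++;
    return n;
}

/* Audit helper: bytes that an uncast call would pass as a negative int.
 * Such a value is either outside the allowed range or, for 0xFF where EOF
 * is -1 (common, not guaranteed), indistinguishable from EOF. */
static size_t count_negative_if_uncast(const char *s)
{
    size_t bad = 0;
    for (const unsigned char *p = (const unsigned char *)s; *p != '\0'; p++)
        if (promoted_as_signed(*p) < 0)
            bad++;
    return bad;
}

int main(void)
{
    printf("0xE9 uncast -> %d, allowed: %d\n",
           promoted_as_signed(0xE9), ctype_arg_ok(promoted_as_signed(0xE9)));
    printf("leading whitespace: %zu, bytes needing the cast: %zu\n",
           count_leading_space(SAMPLE), count_negative_if_uncast(SAMPLE));
    return 0;
}
```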
| Rule | Severity | Likelihood | Detectable | Repairable | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|---|---|
| STR37-C | Low | Unlikely | Yes | Yes | Low | P3 | L3 |
Automated Detection
| Tool | Version | Checker | Description |
|---|---|---|---|
| Astrée | | ctype-limits | Partially checked |
| Axivion Bauhaus Suite | | CertC-STR37 | Fully implemented |
| CodeSonar | | MISC.NEGCHAR | Negative character value |
| Compass/ROSE | | | Could detect violations of this rule by seeing if the argument to a character handling function (listed above) is not an |
| | | CC2.STR37 | Fully implemented |
| Helix QAC | | C4413, C4414 C++3051 DF2796, DF2797, DF2798, DF2799 | |
| Klocwork | | AUTOSAR.STDLIB.CCTYPE.UCHAR MISRA.ETYPE.ASSIGN.2012 | |
| LDRA tool suite | | 663 S | Fully implemented |
| Parasoft C/C++test | | CERT_C-STR37-a | Do not pass incorrect values to ctype.h library functions |
| Polyspace Bug Finder | | | Checks for invalid use of standard library integer routine (rule fully covered) |
| RuleChecker | | ctype-limits | Partially checked |
| Security Reviewer - Static Reviewer | | UNSAFE_01 | Fully implemented |
| TrustInSoft Analyzer | | valid_char | Partially verified. |
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
...