Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Content by Label
showLabelsfalse
maxResults99
label+str,+rule,-void
showSpacefalse
sorttitle
space@self
cqllabel = "rule" and label = "str" and label != "void" and space = currentSpace()

Info

Information for Editors
In order to have a new guideline automatically listed above be sure to label it str and rule.

Risk Assessment Summary

Rule

Severity

Likelihood

Detectable

Repairable

Priority

Level

STR30-CLowLikelyNoYes

P6

L2

STR31-CHighLikelyNoNo

P9

L2

STR32-CHighProbableNoYes

P12

L1

STR34-CMediumProbableYesNo

P8

L2

STR37-CLowUnlikelyYesYes

P3

L3

STR38-CHighLikelyYesNo

P18

L1

Related Rules and Recommendations

Navigation Map
char-strings
char-strings
cellWidth700
wrapAfter1
cellHeight15

...

Image Added Image Added Image Added

Strings are a fundamental concept in software engineering, but they are not a built-in type in C. Null-terminated byte strings consist of a contiguous sequence of characters terminated by and including the first null character. The C programming language supports the following types of null-terminated byte strings: single byte character strings, multibyte character strings, and wide character strings. Single byte and multibyte character strings are both described as null-terminated byte strings.

A pointer to a single byte or multibyte character string points to its initial character. The length of the string is the number of bytes preceding the null character, and the value of the string is the sequence of the values of the contained characters, in order.

A wide string is a contiguous sequence of wide characters terminated by and including the first null wide character. A pointer to a wide string points to its initial (lowest addressed) wide character. The length of a wide string is the number of wide characters preceding the null wide character, and the value of a wide string is the sequence of code values of the contained wide characters, in order.

Null-terminated byte strings are implemented as arrays of characters and are susceptible to the same problems as arrays. As a result, rules and recommendations for arrays should also be applied to null-terminated byte strings.

Recommendations

STR00-A. Use TR 24731 for remediation of existing string manipulation code

STR01-A. Use managed strings for development of new string manipulation code

STR02-A. Sanitize data passed to complex subsystems

STR03-A. Do not inadvertently truncate a null terminated byte string

Rules

STR30-C. Do not attempt to modify string literals

STR31-C. Guarantee that copies are made into storage of sufficient size

STR32-C. Allocate adequate space when copying bounded strings

STR33-C. Guarantee that all strings are null-terminated

STR35-C. Size wide character strings correctly

Risk Assessment Summary

Recommendation

Severity

Likelihood

Remediation Cost

Priority

Level

STR00-A

3 (medium)

2 (probable)

2 (medium)

P12

L1

STR01-A

3 (high)

2 (probable)

1 (high)

P6

L2

STR02-A

2 (medium)

3 (likely)

2 (medium)

P12

L1

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

STR30-C

1 (low)

3 (likely)

3 (low)

P9

L2

STR31-C

3 (high)

3 (likely)

2 (low)

P18

L1

STR32-C

3 (medium)

3 (probable)

2 (medium)

P18

L1

STR33-C

3 (high)

2 (probable)

2 (medium)

P12

L1

STR34-C

1 (low)

1 (unlikely)

2 (medium)

P2

L3

STR35-C

3 (medium)

3 (probable)

2 (medium)

P18

L1

References

...