 
                            Passing narrow string arguments to wide string functions or wide string arguments to narrow string functions can lead to unexpected and undefined behavior 151. Scaling problems are likely (see because of the difference in size between wide and narrow characters. (See ARR39-C. Do not add or subtract a scaled integer to a pointer) because of the difference in size between wide and narrow characters..) Because wide strings are terminated by a null wide character and can contain null bytes, determining the length is also problematic.
Because wchar_t and char are distinct types, many compilers will produce a warning diagnostic if an inappropriate function is used. (see See MSC00-C. Compile cleanly at high warning levels.).
Noncompliant Code Example (Wide Strings with Narrow String Functions)
...
Confusing narrow and wide character strings can result in buffer overflows, data truncation, and other defects.
| Rule | Severity | Likelihood | Detectable | 
|---|
| Repairable | Priority | Level | 
|---|---|---|
| STR38-C | High | Likely | 
| Yes | No | 
| P18 | L1 | 
Automated Detection
Modern compilers recognize the difference between a char * and a wchar_t *, so compiling code that violates this rule will generate warnings. It is feasible to have automated software that recognizes functions of improper width and replaces them with functions of proper width (that is, software that uses wcsncpy() when it recognizes that the parameters are of type wchar_t *).
| Tool | Version | Checker | Description | ||||||
| Astrée | 
 | wide-narrow-string-cast wide-narrow-string-cast-implicit | Partially checked | ||||||
| Axivion Bauhaus Suite | 
 | CertC-STR38 | Fully implemented | ||||||
| Clang | 
 | -Wincompatible-pointer-types | 
0432
...
| CodeSonar | 
 | LANG.MEM.BO | Buffer Overrun | ||||||
| Coverity | 
 | PW | Implemented | ||||||
| Cppcheck Premium | 
 | premium-cert-str38-c | |||||||
| Helix QAC | 
 | C0432 C++0403 | |||||||
| Klocwork | 
 | CXX.DIFF.WIDTH.STR_AND_FUNC | |||||||
| Parasoft C/C++test | 
 | CERT_C-STR38-a | Do not confuse narrow and wide character strings and functions | ||||||
| PC-lint Plus | 
 | 2454, 2480, 2481 | Partially supported: reports illegal conversions involving pointers to char or wchar_t as well as byte/wide-oriented stream inconsistencies | ||||||
| Polyspace Bug Finder | 
 | Checks for misuse of narrow or wide character string (rule fully covered) | |||||||
| RuleChecker | 
 | wide-narrow-string-cast wide-narrow-string-cast-implicit | Partially checked | ||||||
| Security Reviewer - Static Reviewer | 
 | UNSAFE_02 | Fully implemented | ||||||
| TrustInSoft Analyzer | 
 | pointer arithmetic | Partially verified. | 
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Bibliography
...
...