SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 14

changes.mady.by.user Carol J. Lallier

Saved on

compared with

New Version 20

changes.mady.by.user David Svoboda

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Code Block
bgColor#ccccff
langc
void my_memset(size_t n, char p[n], char v) {
  memset(p, v, n);
}

Exceptions

API05-C-EX0: The extended array syntax is not supported by MSVC. Consequently, C programs that must support Windows need not use conformant array parameters. One option for portable code that must support MSVC is to use macros:

Code Block
bgColor#ccccff
langc
#include <stddef.h>
  
#if defined (_MSC_VER)
  #define N(x)
#else
  #define N(x)  (x)
#endif
  
int f(size_t n, int a[N(n)]);

Risk Assessment

Failing to specify conformant array dimensions increases the likelihood that another developer will invoke the function with out-of-range integers, which could cause an out-of-bounds memory read or write.

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

API05-C

High

Probable

Medium

P12

L1

Bibliography

[ISO/IEC 9899:2011]Subclause 6.7.6.2, "Array Declarators"
Subclause 6.7.6.3, "Function Declarators (Including Prototypes)"

...


...

Image Modified Image Modified Image Modified