
...
Confusing narrow and wide character strings can result in buffer overflows, data truncation, and other defects.
Rule | Severity | Likelihood | Detectable | Repairable | Priority | Level |
---|---|---|---|---|---|---|
STR38-C | High | Likely | Yes | No | P18 | L1 |
Automated Detection
Modern compilers recognize the difference between a `char *` and a `wchar_t *`, so compiling code that violates this rule will generate warnings. It is feasible to have automated software that recognizes functions of improper width and replaces them with functions of proper width (that is, software that uses `wcsncpy()` when it recognizes that the parameters are of type `wchar_t *`).
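The width-by-type selection described above can be done at compile time with C11 `_Generic`. The following is an added example, not code from the original page; the names `STR_LEN`, `STR_NCPY`, `narrow_len_of_wide` and `copy_wide` are assumptions. It also shows that an explicit cast silences the compiler warning this detection relies on, so such casts deserve review.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <wchar.h>

/* Hypothetical helpers: select the function whose width matches the
   argument type. Any other pointer type fails to compile, and mixing
   widths in STR_NCPY still triggers the incompatible-pointer diagnostic. */
#define STR_LEN(s) _Generic((s),              \
    char *: strlen, const char *: strlen,     \
    wchar_t *: wcslen, const wchar_t *: wcslen)(s)

#define STR_NCPY(d, s, n) _Generic((d),       \
    char *: strncpy, wchar_t *: wcsncpy)((d), (s), (n))

/* Defect kept for illustration: the cast hides the type mismatch from the
   compiler, and strlen() stops at the first zero byte, which for ASCII
   text lies inside the first wide character. */
size_t narrow_len_of_wide(const wchar_t *w) {
    return strlen((const char *)w);
}

/* Width-correct bounded copy: n counts wchar_t elements, not bytes, and
   the destination is always terminated. Returns the copied length. */
size_t copy_wide(wchar_t *dst, size_t n, const wchar_t *src) {
    if (n == 0) {
        return 0;
    }
    (void)STR_NCPY(dst, src, n - 1);
    dst[n - 1] = L'\0';
    return STR_LEN(dst);
}

int main(void) {
    wchar_t dst[5];
    const wchar_t *src = L"0123456789"; /* constructed sample input */
    printf("copied=%zu narrow_view=%zu wide=%zu\n",
           copy_wide(dst, 5, src), narrow_len_of_wide(src), STR_LEN(src));
    return 0;
}
```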
...