SEI CERT C Coding Standard

Space shortcuts

Page tree

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 10 Next »

A data model defines the sizes assigned to standard data types. These data models are typically named using a XXXn pattern where X referes to a C type and n refers to a size (typically 32 or 64). ILP64, for example, means that int, long and pointer types are 64 bits wide, LP32 means that long and pointer are 32 bits wide, and LLP64 means that long long and pointer are 64 bits wide.

Data Type

LP32

ILP32

ILP64

LLP64

LP64

char

8

8

8

8

8

short

16

16

16

16

16

int

16

32

64

32

32

long

32

32

64

32

64

long long

 

 

 

64

 

pointer

32

32

64

64

64

The following observations are derived from the Development Tutorial by Marco van de Voort [van de Voort 07]:

  • Standard programming model for current (Intel family) PC processors is ILP32.
  • One issue with long in C was that there are both codebases that expect pointer and long to have the same size, while there are also large codebases that expect int and long to be the same size. The compability model LLP64 was designed to preserve long and int compability by introducing a new type to remain compatible with pointer (long long)
  • LLP64 is the only data model that defines a size for the long long type.
  • LP32 is used as model for the win-16 APIs of Windows 3.1.
  • Most Unixes use LP64, primarily to conserve memory space compared to ILP64, including: 64-bit Linux, FreeBSD, NetBSD, and OpenBSD.
  • Win64 uses the LLP64 model (also known as P64). This model conserves type compability between long and int, but looses type compability between long and pointer types. Any cast between a pointer and an existing type requires modification.
  • ILP64 is the easiest model to work with, because it retains compability with the ubiquitous ILP32 model, except specific assumptions that the core types are 32-bit. However this model requires significant memory, and both code and data size significantly increase.

Risk Assessment

Understanding the data model used by your implementation is necessary to avoid making errors about the range of values that can be represented using integer types.

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

INT00-A

1 (low)

1 (unlikely)

1 (high)

P1

L3

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

References

[[van de Voort 07]]
[[Open Group 97]]

  • No labels