Prefer type definitions (typedef) to macro definitions (#define) when encoding types. Type definitions obey scope rules; macro definitions do not. Type definitions can also correctly encode pointer types because they are not implemented as simple textual substitution. In the following declaration, the variable p is declared as a constant pointer to char [Summit 2005]:
typedef char *NTCS; const NTCS p = &data;
Noncompliant Code Example
In this noncompliant code example, s1 is declared as char *, but s2 is declared as a char, which is probably not what the programmer intended:
#define cstring char * cstring s1, s2;
This noncompliant code example also violates DCL04-C. Do not declare more than one variable per declaration.
Compliant Solution
In this compliant solution, both s1 and s2 are declared as char *:
typedef char * cstring; cstring s1; cstring s2;
The compliant solution violates DCL05-C. Use typedefs of non-pointer types only, but effectively demonstrates the difference between type definitions and macro replacements.
Risk Assessment
Recommendation | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
PRE03-C | low | unlikely | medium | P2 | L3 |
Automated Detection
| Tool | Version | Checker | Description |
|---|---|---|---|
| 1.2 | CC2.PRE03 | Fully implemented | |
| 9.7.1 | 79 S | Fully implemented | |
| PRQA QA-C | Unable to render {include} The included page could not be found. | 3413 | Fully implemented |
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Related Guidelines
| CERT C++ Secure Coding Standard | PRE03-CPP. Prefer typedefs to defines for encoding types |
| ISO/IEC TR 24772:2013 | Pre-processor Directives [NMP] |
Bibliography