Skip to main content
assistive.skiplink.to.breadcrumbs
assistive.skiplink.to.header.menu
assistive.skiplink.to.action.menu
assistive.skiplink.to.quick.search

07. Characters and Strings (STR)

Created by Robert C. Seacord, last modified by Alex Volkovitsky on May 29, 2008

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Recommendations

STR00-A. Represent characters using an appropriate type

STR01-A. Adopt and implement a consistent plan for managing strings

STR02-A. Sanitize data passed to complex subsystems

STR03-A. Do not inadvertently truncate a NULL-terminated byte string

STR04-A. Use plain char for characters in the basic character set

STR05-A. Use pointers to const when referring to string literals

STR06-A. Do not assume that strtok() leaves the parse string unchanged

STR07-A. Use TR 24731 for remediation of existing string manipulation code

STR08-A. Use managed strings for development of new string manipulation code

Rules

STR30-C. Do not attempt to modify string literals

STR31-C. Guarantee that storage for strings has sufficient space for character data and the NULL terminator

STR32-C. Null-terminate byte strings as required

STR33-C. Size wide character strings correctly

STR34-C. Cast characters to unsigned types before converting to larger integer sizes

STR35-C. Do not copy data from an unbounded source to a fixed-length array

STR36-C. Do not specify the dimension of a character array initialized with a string literal

Risk Assessment Summary

Recommendation	Severity	Likelihood	Remediation Cost	Priority	Level
STR00-A	medium	probable	low	P12	L1
STR01-A	high	probable	high	P6	L2
STR02-A	medium	likely	medium	P12	L1
STR03-A	low	unlikely	medium	P2	L3
STR04-A	low	unlikely	medium	P2	L3
STR05-A	low	unlikely	high	P1	L3
STR06-A	medium	probable	low	P12	L1
STR07-A	high	probable	medium	P12	L1
STR08-A	high	probable	high	P6	L2

Rule	Severity	Likelihood	Remediation Cost	Priority	Level
STR30-C	low	likely	low	P9	L2
STR31-C	high	likely	medium	P18	L1
STR32-C	high	probable	medium	P12	L1
STR33-C	high	likely	medium	P18	L1
STR34-C	medium	probable	medium	P8	L2
STR35-C	high	likely	medium	P18	L1
STR36-C	high	probable	low	P18	L1

Related Rules and Recommendations

FIO20-C. Avoid unintentional truncation when using fgets() or fgetws()

FIO30-C. Exclude user input from format strings

FIO40-C. Reset strings on fgets() or fgetws() failure

FIO47-C. Use valid format strings

INT07-C. Use only explicitly signed or unsigned char type for numeric values

POS30-C. Use the readlink() function properly

STR37-C. Arguments to character-handling functions must be representable as an unsigned char

ARR38-C. Do not add or subtract an integer to a pointer if the resulting value does not refer to an element within the array 06. Arrays (ARR) STR00-A. Represent characters using an appropriate type

No labels