• Skip to main content
  • assistive.skiplink.to.breadcrumbs
  • assistive.skiplink.to.header.menu
  • assistive.skiplink.to.action.menu
  • assistive.skiplink.to.quick.search

Account disable/deletion announcement

Log in
Confluence
  • Spaces
  • Hit enter to search
  • Help
    • Online Help
    • Keyboard Shortcuts
    • Feed Builder
    • What’s new
    • Available Gadgets
    • About Confluence
  • Log in

SEI CERT C++ Coding Standard
SEI CERT C++ Coding Standard
  • Pages
  • Boards

Space shortcuts

  • Dashboard
  • Secure Coding Home
  • Android
  • C
  • C++
  • Java
  • Perl

Page tree

Browse pages
    • Attachments (0)
    • Page History
    • Page Information
    • Resolved comments
    • View in Hierarchy
    • View Source
    • Export to PDF
    • Export to Word
  1. Pages
  2. SEI CERT C++ Coding Standard
  3. 2 Rules
  • Jira links

Rule 05. Characters and Strings (STR)

  • Created by Aaron Ballman, last modified by David Svoboda on Mar 15, 2022

  • Page:
    STR50-CPP. Guarantee that storage for strings has sufficient space for character data and the null terminator
  • Page:
    STR51-CPP. Do not attempt to create a std::string from a null pointer
  • Page:
    STR52-CPP. Use valid references, pointers, and iterators to reference elements of a basic_string
  • Page:
    STR53-CPP. Range check element access

 

The following rules from the SEI CERT C Coding Standard also apply in C++:

  • Page:
    STR30-C. Do not attempt to modify string literals
  • Page:
    STR31-C. Guarantee that storage for strings has sufficient space for character data and the null terminator
  • Page:
    STR32-C. Do not pass a non-null-terminated character sequence to a library function that expects a string
  • Page:
    STR34-C. Cast characters to unsigned char before converting to larger integer sizes
  • Page:
    STR37-C. Arguments to character-handling functions must be representable as an unsigned char
  • Page:
    STR38-C. Do not confuse narrow and wide character strings and functions

Information for Editors
To have a new guideline automatically listed above be sure to label it str and rule.

Risk Assessment Summary

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

STR50-CPPHighLikelyMedium

P18

L1

STR51-CPPHighLikelyMedium

P18

L1

STR52-CPPHighProbableHigh

P6

L2

STR53-CPPHighUnlikelyMedium

P6

L2

 


 

  • rule-list
  • rule
  • str
  • section
Overview
Content Tools
  • Powered by Atlassian Confluence 8.3.2
  • Printed by Atlassian Confluence 8.3.2
  • Report a bug
  • Atlassian News
Atlassian

Carnegie Mellon University
Software Engineering Institute
4500 Fifth Avenue
Pittsburgh, PA 15213-2612
412-268-5800

Contact Us
  • Office Locations|
  • Additional Sites Directory|
  • Legal|
  • Privacy Notice|
  • CMU Ethics Hotline|
  • www.sei.cmu.edu

©2020 Carnegie Mellon University

{"serverDuration": 83, "requestCorrelationId": "5ed1d104d6939771"}