Two consecutive question marks signify the start of a trigraph sequence. All occurrences in a source file of the following sequences of three characters (ie. trigraph sequences) are replaced with the corresponding single character.
??= |
# |
|
??) |
] |
|
??! |
| |
||
|---|---|---|---|---|---|---|---|---|---|
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="d4c3199d-d9e2-4de7-9e71-82f040a0be20"><ac:plain-text-body><![CDATA[ |
??( |
[ |
|
??' |
^ |
|
??> |
} |
]]></ac:plain-text-body></ac:structured-macro> |
??/ |
\ |
|
??< |
{ |
|
??- |
~ |
In this non-compliant code example, a++ will not be executed, as the trigraph sequence ??/ will be replaced by \, logically putting a++ on the same line as the comment.
// what is the value of a now??/ a++; |
Trigraph sequences can be successfully used for multi-line comments.
/??/ * what is the value of a now? *??/ / a++; |
This non-compliant code has the trigraph sequence of ??! included, which will be replaced by the character |.
size_t i;
/* assignment of i */
if (i > 9000) {
puts("Over 9000!??!");
}
|
The above code will print out Over 9000!| if a C99 Compliant compiler is used.
The compliant solution uses string concatenation to place the two question marks together, as they will be interpreted as beginning a trigraph sequence otherwise.
size_t i;
/* assignment of i */
if (i > 9000) {
puts("Over 9000!?""?!");
}
|
The above code will print out Over 9000!??!, as intended.
Recommendation |
Severity |
Likelihood |
Remediation Cost |
Priority |
Level |
|---|---|---|---|---|---|
PRE05-A |
1 (low) |
1 (unlikely) |
2 (medium) |
P2 |
L3 |
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
\[[ISO/IEC 9899-1999:TC2|AA. C References#ISO/IEC 9899-1999TC2]\] Section 5.2.1.1, "Trigraph sequences" \[[Wikipedia|http://en.wikipedia.org/wiki/C_trigraph]\] "C Trigraphs" |