An object has a storage duration that determines its lifetime. There are three storage durations: static, automatic, and allocated.
| According to \[[ISO/IEC 9899-1999|AA. C References#ISO/IEC 9899-1999]\]: | 
The lifetime of an object is the portion of program execution during which storage is guaranteed to be reserved for it. An object exists, has a constant address, and retains
its last-stored value throughout its lifetime. If an object is referred to outside of its lifetime, the behavior is undefined. The value of a pointer becomes indeterminate when
the object it points to reaches the end of its lifetime.
This non-compliant code example declares the variable p as a pointer to a constant char with file scope.  The value of str is assigned to p within the dontDoThis() function.  However, str has automatic storage duration so the lifetime of str ends when the dontDoThis() function exits.  
| 
const char *p;
void dontDoThis() {
    const char str[20] = "This will change";
    p = str; // dangerous
    ...
}
void innocuous() {
    const char str[20] = "Surprise, surprise";
}
...
dontDoThis();
innocuous();
// now, it is likely that p is pointing to "Surprise, surprise"
 | 
As a result of this undefined behavior, it is likely that p will refer to the string literal "Surprise, surprise" after the call to the innocuous() function.
In this compliant solution, the pointer to the constant char p is moved within the thisIsOK() to prevent this variable from being accessed outside of the function.
| 
void thisIsOK() {
    const char str[20] = "Everything OK";
    const char *p = str;
    ...
}
// pointer p is now inaccessible outside the scope of string str
 | 
Referencing an object outside of its lifetime could result in an attacker being able to run arbitrary code.
| Rule | Severity | Likelihood | Remediation Cost | Priority | Level | 
|---|---|---|---|---|---|
| DCL30-C | 3 (high) | 2 (probable) | 1 (high) | P6 | L2 |