Understanding how to represent characters and character strings can eliminate many common programming errors that lead to software vulnerabilities.

| Recommendation | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
| STR00-C | Medium | Probable | Low | P12 | L1 |

Automated Detection

| Tool | Version | Checker | Description |
|---|---|---|---|
| Astrée | | | Supported, but no explicit checker |
| CodeSonar | | MISC.NEGCHAR | Negative Character Value |
| LDRA tool suite | | 329 S, 432 S | Fully implemented |
| Parasoft C/C++test | | MISRA2004-6_1 | Fully implemented |
| RuleChecker | | | Supported, but no explicit checker |
| SonarQube C/C++ Plugin | | S810 | |

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Related Guidelines

Bibliography

[ISO/IEC 9899:2011] Subclause 6.2.6, "Representations of Types"
[Seacord 2013] Chapter 2, "Strings"
