Abstract data types are not restricted to object-oriented languages like C++ and Java and should be created and used in C language programs , as well. Abstract data types are most effective when used with private (opaque) data types and information hiding.
...
| Code Block | ||||
|---|---|---|---|---|
| ||||
struct string_mx {
size_t size;
size_t maxsize;
unsigned char strtype;
char *cstr;
};
typedef struct string_mx string_mx;
/* Function declarations */
extern errno_t strcpy_m(string_mx *s1, const string_mx *s2);
extern errno_t strcat_m(string_mx *s1, const string_mx *s2);
/* etc. */
|
...
In the external string_m.h file, the string_mx type is defined to be an instance of struct string_mx, which , in turn , is declared as an incomplete type.
| Code Block | ||||
|---|---|---|---|---|
| ||||
struct string_mx;
typedef struct string_mx string_mx;
/* Function declarations */
extern errno_t strcpy_m(string_mx *s1, const string_mx *s2);
extern errno_t strcat_m(string_mx *s1, const string_mx *s2) ;
/* etc. */
|
...
| Code Block | ||||
|---|---|---|---|---|
| ||||
struct string_mx {
size_t size;
size_t maxsize;
unsigned char strtype;
char *cstr;
};
|
Modules that implement the abstract data type include both the external and internal definitions, while whereas users of the data abstraction include only the external string_m.h file. This allows the implementation of the string_mx data type to remain private.
...
The use of opaque abstract data types, while though not essential to secure programming, can significantly reduce the number of defects and vulnerabilities introduced in code, particularly during ongoing maintenance.
...
Tool | Version | Checker | Description | section|||||||
|---|---|---|---|---|---|---|---|---|---|---|
| | Section | 352 S section | Fully Implementedimplemented |
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Related Guidelines
ISO/IEC 9899:19992011 Section 6.2.5, "Types"
Bibliography
...