...
At compile time, string literals are used to create an array of static storage duration of sufficient length to contain the character sequence and a null-termination character. It is unspecified whether these arrays are distinct. The behavior is undefined if a program attempts to modify string literals but frequently results in an access violation because string literals are typically stored in read-only memory. See also undefined behavior 33 of Annex J of the C standard Standard [ISO/IEC 9899:2011].
The returned value of the library functions strpbrk(), strchr(), strrchr(), wcspbrk(), wcschr(), and wcsrchr() and pointer to (or array of) const characters shall be treated as a string literal.
...
Tool | Version | Checker | Description | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|
Compass/ROSE | Can detect simple violations of this rule. | |||||||||||
| 157 S | Partially implemented.Splint | ||||||||||
| PRQA QA-C |
| Splint
| Splint
|
| ||||||||
Compass/ROSE | Can detect simple violations of this rule. | |||||||||||
| 0556 | Partially implemented. | |||||||||||
Splint PRQA QA-C |
| 0556 | Partially implemented
|
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Related Guidelines
...
...
| TR 17961 | (Draft) Modifying string literals [strmod] |
Bibliography
| [Summit 1995] | comp.lang.c FAQ list, Question 1.32 |
| [Plum 1991] | Topic 1.26, " |
...
| Strings—String Literals" |
...