SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 58

changes.mady.by.user Carol J. Lallier

Saved on

compared with

New Version 59

changes.mady.by.user Carol J. Lallier

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

The following noncompliant code example simply shows the standard string-handling function strlen() being called with a plain character string, a signed character string, and an unsigned character string. The strlen() function takes a single argument of type const char *.:

Code Block
bgColor#FFCCCC
langc
size_t len;
char cstr[] = "char string";
signed char scstr[] = "signed char string";
unsigned char ucstr[] = "unsigned char string";

len = strlen(cstr);
len = strlen(scstr);  /* warns when char is unsigned */
len = strlen(ucstr);  /* warns when char is signed */

...

The compliant solution uses plain char for character data.:

Code Block
bgColor#ccccff
langc
size_t len;
char cstr[] = "char string";

len = strlen(cstr);

...

Tool

Version

Checker

Description

Compass/ROSE

 

 

 

ECLAIR
Include Page
ECLAIR_V
ECLAIR_V

charsgnd

Fully implemented.

EDG

 

 

 

Fortify SCA

5.0

 

Can detect violations of this rule with CERT C Rule Pack, except cases involving signed char.

PRQA QA-C
Include Page
PRQA_V
PRQA_V
0432 (C)Partially implemented

...

CERT C++ Secure Coding StandardSTR04-CPP. Use plain char for characters in the basic character set
MISRA - C:2012Rule 610.1 through Rule 10.4 (required)

 

...