SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 140

changes.mady.by.user Carol J. Lallier

Saved on

compared with

New Version 141

changes.mady.by.user Carol J. Lallier

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

To correct this example, the loop termination condition must be modified to account for the null-termination character that is appended to dest.:

Code Block
bgColor#ccccff
langc
char dest[ARRAY_SIZE];
char src[ARRAY_SIZE];
size_t i;
/* ... */
for (i=0; src[i] && (i < sizeof(dest)-1); i++) {
  dest[i] = src[i];
}
dest[i] = '\0';
/* ... */

...

A more general solution is to use the snprintf() function.:

Code Block
bgColor#ccccff
langc
char* name; /* initialized externally */
char filename[128];
snprintf(filename, sizeof(filename), "%s.txt", name);
/* Open filename * /

...

Tool

Version

Checker

Description

Compass/ROSE

 

 

Can detect violations of the rule. However, it is unable to handle cases involving strcpy_s() or manual string copies such as the one in the first example.

Coverity6.5

STRING_OVERFLOW

STRING_SIZE

Fully Implemented.

Fully implemented.

Fortify SCA

5.0

 

 

Klocwork

Include Page
Klocwork_V
Klocwork_V

 

 

LDRA tool suite

Include Page
LDRA_V
LDRA_V

 

 

Splint

Include Page
Splint_V
Splint_V

 

 

...