SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 28

changes.mady.by.user Robert Seacord

Saved on

compared with

New Version 29

changes.mady.by.user Justin Pincar

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Edited by sciSpider (sch jbop) (X_X)@==(Q_Q)@

String literals are constant and should consequently be protected by the const qualification. This recommendation supports rule STR30-C. Do not attempt to modify string literals.

Non-Compliant Code Example

...

L2

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

STR05-A

1 (low)

3 (likely)

2(medium)

P6

P0

L3

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

References:

Wiki Markup
[http://www.open-std.org/jtc1/sc22/wg21/docs/papers/1993/N0389.asc]
\[[ISO/IEC 9899-1999:TC2|AA. C References#ISO/IEC 9899-1999TC2]\] Section 6.7.8, "Initialization"
\[Lockheed Martin 2005\] Lockheed Martin. Joint Strike Fighter Air Vehicle C+\+ Coding Standards for the System Development and Demonstration Program. Document Number 2RDU00001, Rev C. December 2005.     AV Rule 151.1