SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 77

changes.mady.by.user Roberto Bagnara

Saved on

compared with

New Version 78

changes.mady.by.user Aaron Ballman

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

According to the C Standard, Section subclause 7.4 [ISO/IEC 9899:2011],

The header <ctype.h> declares several functions useful for classifying and mapping characters. In all cases the argument is an int, the value of which shall be representable as an unsigned char or shall equal the value of the macro EOF. If the argument has any other value, the behavior is undefined.

...

Code Block
bgColor#FFcccc
langc
#include <ctype.h>
#include <stddef.h>
 
size_t count_preceding_whitespace(const char *s) {
  const char *t = s;

  /* possibly *t < 0 */
  while (*t && isspace(*t)) {
    ++t;
  }
  return t - s;
}

...

Code Block
bgColor#ccccff
langc
#include <ctype.h>
#include <stddef.h>
 
size_t count_preceding_whitespace(const char *s) {
  const char *t = s;

  while (*t && isspace((unsigned char)*t)) {
    ++t;
  }
  return t - s;
}

...

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Related Guidelines

CERT C Secure Coding StandardSTR34-C. Cast characters to unsigned char before converting to larger integer sizes
CERT C++ Secure Coding StandardSTR37-CPP. Arguments to character handling functions must be representable as an unsigned char
ISO/IEC TS 17961 (Draft)Passing arguments to character-handling functions that are not representable as unsigned char [chrsgnext]
MITRE CWECWE-704, Incorrect type conversion or cast
CWE-686, Function call with incorrect argument type

Bibliography

[ISO/IEC 9899:2011]Section Subclause 7.4, "Character Handling <ctype.h>"
[Kettlewell 2002]Section 1.1, "<ctype.h> and Characters Types"

...