...

It is common for an array variable to be initialized by a string literal and declared with an explicit bound that matches the number of characters in the string literal. Subclause 6.7.9, paragraph 14, of the C Standard [ISO/IEC 9899:2011], says:

...

Implementation Details

This code produces a compilation error in MSVC 2008. It compiles with no warning in Visual Studio 2012 and GCC 4.3.3. It produces a three-character array with no terminating null character, as specified by the standard.
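The behavior described above can be checked with the following added example, which is not part of the original CERT page. The helper names (`bounded_len`, `ASSERT_HOLDS_LITERAL`, and the three test functions) are hypothetical, and the compile-time guard assumes a C11 compiler for `_Static_assert`.

```c
#include <stdio.h>
#include <string.h>

/* Length of the string in buf, or n when no null character lies within
 * the first n bytes. memchr never reads past n, so this is safe to call
 * on an array that is not null-terminated. */
static size_t bounded_len(const char *buf, size_t n) {
  const char *end = memchr(buf, '\0', n);
  return end ? (size_t)(end - buf) : n;
}

/* C11 compile-time guard: arr must hold lit including its terminator. */
#define ASSERT_HOLDS_LITERAL(arr, lit) \
  _Static_assert(sizeof(arr) >= sizeof(lit), \
                 "array cannot hold literal plus terminating null")

/* Bound equals the character count: valid C, but no room for '\0'. */
static int exact_bound_is_terminated(void) {
  const char s[3] = "abc";
  return bounded_len(s, sizeof s) < sizeof s;
}

/* Bound omitted: the compiler sizes the array to include '\0'. */
static size_t omitted_bound_size(void) {
  const char s[] = "abc";
  ASSERT_HOLDS_LITERAL(s, "abc");
  return sizeof s;
}

static int omitted_bound_is_terminated(void) {
  const char s[] = "abc";
  return bounded_len(s, sizeof s) < sizeof s;
}

int main(void) {
  printf("char s[3] = \"abc\": terminated = %d\n",
         exact_bound_is_terminated());
  printf("char s[]  = \"abc\": sizeof = %zu, terminated = %d\n",
         omitted_bound_size(), omitted_bound_is_terminated());
  return 0;
}
```

Applying `ASSERT_HOLDS_LITERAL` to the three-element array makes the build fail, which turns the silent missing terminator into a compile-time error.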

...

```c
char s[3] = { 'a', 'b', 'c' }; /* NOT a string. */
```

Also, you should make clear in comments or documentation if a character array is, in fact, not a null-terminated byte string.

...

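```c
#include <string.h>

void func(void) {
  /* Explicit bound larger than the literal: the unused elements are
   * zero-initialized, so s stays null-terminated. */
  char s[10] = "abc";
  /* Overwrites the terminator at s[3] with "def" plus a new terminator. */
  strcpy(&s[3], "def");
}
```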

Risk Assessment

| Recommendation | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
| STR36-C | high | probable | low | P18 | L1 |

...

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Related Guidelines

...

[ECTC 1998] Section A.8, "Character Array Initialization"
[ISO/IEC 9899:2011] Subclause 6.7.9, "Initialization"
[Seacord 2013] Chapter 2, "Strings"

...