According to Section 7.4 of C99 (see also undefined behavior 107 of Appendix J):
The header <ctype.h> declares several functions useful for classifying and mapping characters. In all cases the argument is an int, the value of which shall be representable as an unsigned char or shall equal the value of the macro EOF. If the argument has any other value, the behavior is undefined.
Compliance with this rule is complicated by the fact that the char data type might, in any implementation, be signed or unsigned.
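One way to apply the rule when plain char may be signed, as an added example that is not part of the original CERT page. The helper names and the sample string are constructed for illustration, and the counts assume the default "C" locale.

```c
/* Added example, not from the CERT page. Helper names are hypothetical. */
#include <ctype.h>
#include <limits.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed sample: tab, two spaces, "caf", then byte 0xE9 (Latin-1 e-acute). */
static const char sample[] = "\t  caf\xE9";

/* 1 if c, converted to int as a direct call would convert it, is outside the
 * domain <ctype.h> accepts (not representable as unsigned char, not EOF). */
int ctype_arg_out_of_domain(char c)
{
    int v = c;
    return !(v == EOF || (v >= 0 && v <= UCHAR_MAX));
}

/* Count leading whitespace bytes. The cast keeps every argument in
 * 0..UCHAR_MAX whether plain char is signed or unsigned. */
size_t count_leading_space(const char *s)
{
    size_t n = 0;
    while (s[n] != '\0' && isspace((unsigned char)s[n]))
        n++;
    return n;
}

/* Count alphabetic bytes in a buffer that may hold bytes above 0x7F. */
size_t count_alpha(const char *buf, size_t len)
{
    size_t n = 0;
    for (size_t i = 0; i < len; i++)
        if (isalpha((unsigned char)buf[i]))
            n++;
    return n;
}

int main(void)
{
    size_t len = sizeof sample - 1;
    printf("plain char is %s\n", CHAR_MIN < 0 ? "signed" : "unsigned");
    printf("0xE9 passed uncast is out of domain: %d\n",
           ctype_arg_out_of_domain(sample[len - 1]));
    printf("leading whitespace: %zu\n", count_leading_space(sample));
    printf("alphabetic bytes (\"C\" locale): %zu\n", count_alpha(sample, len));
    return 0;
}
```

On an implementation where plain char is signed, the 0xE9 byte converts to a negative int, which is exactly the argument value the quoted text makes undefined; the cast to unsigned char removes that dependence on the implementation.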
...
A generalization of this rule is guideline STR34-C. Cast characters to unsigned types before converting to larger integer sizes.
...
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
---|---|---|---|---|---|
STR37-C | low | unlikely | low | P3 | L3 |
Automated Detection
Tool | Version | Checker | Description |
---|---|---|---|
...
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Other Languages
Related Guidelines
This rule appears in the C++ Secure Coding Standard as STR37-CPP. Arguments to character handling functions must be representable as an unsigned char.
Bibliography
[ISO/IEC 9899:1999] Section 7.4, "Character handling <ctype.h>"
[Kettlewell 02] Section 1.1, "<ctype.h> And Characters Types"
[MITRE 07] [CWE ID 704](http://cwe.mitre.org/data/definitions/704.html), "Incorrect Type Conversion or Cast," [CWE ID 686](http://cwe.mitre.org/data/definitions/686.html), "Function Call With Incorrect Argument Type"
...