...
In most cases, the only portable operators on plain char types are assignment and equality operators (=, ==, != ). An exception is the translation to and from digits. For example, if the char c is a digit, c - '0' is a value between 0 and 9.
Non-Compliant Code Example
The following non-compliant code example simply illustrates calling the standard string handling function strlen() with a plain character string, a signed character string, and an unsigned character string:
...
| Wiki Markup |
|---|
If this C code were compiled using a C+\+ compiler, conversions from {{unsigned char\[\]}} to {{const char *}} and from {{signed char\[\]}} to {{const char *}} would be be flagged as errors requiring casts. |
Compliant Solution
The compliant solution uses plain char for character data.
...
Conversions are not required and the code compiles cleanly at high warning levels without casts.
Risk Assessment
Recommendation | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
STR07-A | 1 (low) | 1 (unlikely) | 2 (medium) | P2 | L3 |
Automated Detection
Fortify SCA Version 5.0 with CERT C Rule Pack can detect violations of this recommendation, except cases involving signed char.
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
References
| Wiki Markup |
|---|
\[[ISO/IEC 9899-1999|AA. C References#ISO/IEC 9899-1999]\] Section 6.2.5, "Types" \[[MISRA 04|AA. C References#MISRA 04]\] Rule 6.1, "The plain char type shall be used only for the storage and use of character values" |
...
STR06STR03-A. Do not assume that strtok() leaves the parse string unchangedinadvertently truncate a null-terminated byte string 07. Characters and Strings (STR) STR05-A. Prefer making string literals const-qualified