...
Making code reverse compatible to fit this standard sometimes breaks functionality, but this is a good recommendation to follow in new code.
Risk Assessment
Modifying string literals can lead to abnormal program termination and results in undefined behavior that can be used in denial-of-service attacks.
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
---|---|---|---|---|---|
STR30-C | 1 (low) | 3 (likely) | 3 (low) | P9 | L2 |
Examples of vulnerabilities resulting from the violation of this rule can be found on the CERT website.
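An added illustration of the rule (not code from the original page or from CERT): a helper that edits a string in place, the noncompliant call that hands it a string literal (disabled with `#if 0`), and compliant forms that give it writable storage. The names `redact_value` and `redact_copy` and the sample string are hypothetical and constructed for this example.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper: overwrites the value of "key=value" in place.
 * It writes through kv, so kv must never point at a string literal. */
static size_t redact_value(char *kv)
{
    char *eq = strchr(kv, '=');
    size_t n = 0;
    if (eq == NULL)
        return 0;
    for (char *p = eq + 1; *p != '\0'; ++p, ++n)
        *p = '*';
    return n; /* bytes overwritten */
}

#if 0 /* Noncompliant: p points at a literal, so the write is undefined behavior. */
static void noncompliant(void)
{
    char *p = "token=hunter2";
    redact_value(p);
}
#endif

/* Compliant: the literal is held as const char *, so handing it to
 * redact_value() directly draws a diagnostic; a heap copy is edited instead. */
static size_t redact_copy(const char *lit, char *out, size_t outlen)
{
    size_t len = strlen(lit) + 1;
    char *kv = malloc(len);
    if (kv == NULL)
        return 0;
    memcpy(kv, lit, len);
    size_t n = redact_value(kv);
    snprintf(out, outlen, "%s", kv);
    free(kv);
    return n;
}

int main(void)
{
    char out[32];
    char kv[] = "token=hunter2"; /* compliant: array initialized from the literal (constructed input) */
    redact_value(kv);
    redact_copy("token=hunter2", out, sizeof out);
    printf("%s %s\n", kv, out);
    return 0;
}
```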
References:
http://www.open-std.org/jtc1/sc22/wg21/docs/papers/1993/N0389.asc;
...