SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 1

changes.mady.by.user Robert Seacord

Saved on

compared with

New Version 2

changes.mady.by.user Robert Seacord

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

There are three distinct char character types, : (plain) char, signed char, and unsigned char. Use plain char for character data.

The signedness of the plain char type is implementation-defined and should not be relied upon.
The only permissible operators on plain char types are assignment and equality operators (=, ==, != ).

Non-Compliant Code Example

Code Block
bgColor#FFCCCC
unsigned char msg[100];

Compliant Solution

Code Block
bgColor#ccccff
char error_msg[100];

Risk Assessment

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

STR07-A

1 (low)

1 (unlikely)

2 (medium)

P2

L3

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

References

Wiki Markup
\[[ISO/IEC 9899-1999|AA. C References#ISO/IEC 9899-1999]\] Section 5.2.4.1, "Translation limits"
\[[MISRA 04|AA. C References#MISRA 04]\] Rule 6.1, "The plain char type shall be used only for the storage and use of character values."