SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 6

changes.mady.by.user Kazunori Takeuchi

Saved on

compared with

New Version 7

changes.mady.by.user Kazunori Takeuchi

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Wiki Markup
According to \[[MISRA 08|AA. C References#MISRA 08]\], concatenation of wide and narrow string literals leads to undefined behavior. This is an inplicit undefined behavior according to C99 \[[ISO/IEC 9899:1999|AA. C References#ISO/IEC 9899-1999]\].

Noncompliant Code Example

This noncompliant code example concatenates wide and narrow string literals. The behavior is undefined in this case.

Code Block
bgColor#ffcccc
wchar_t *msg = L"This message is very long, so I want to divide it "
                "into two parts.";

Compliant Solution (wide string literals)

If the concatenated string needs to be a wide string literal, each element in the concatenation has to be a wide string literal.

Code Block
bgColor#ccccff
wchar_t *msg = L"This message is very long, so I want to divide it "
               L"into two parts.";

Compliant Solution (narrow string literals)

If wide string literals are not necessary, it is better to use narrow string literals.

Code Block
bgColor#ccccff
char* msg = "This message is very long, so I want to divide it "
            "into two parts.";

Risk Assessment

Concatenation of wide and narrow string literals leads to undefined behavior.

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

ENV30-C

low

probable

medium

P4

L3

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

References

Wiki Markup
\[[MISRA 08|AA. C References#MISRA 08]\] Rule 2-13-5