...
Non-Compliant Code Example
```c
#include <stdio.h>
#include <string.h>

char string[] = "Hello secure coding wiki!";
char *token;

/* strtok() writes a '\0' over each delimiter it finds in string[] */
token = strtok(string, " ");
puts(token);
while ((token = strtok(NULL, " ")) != NULL) {
  puts(token);
}
/* further string manipulation on string[] fails: string[] has been modified */
```
In this example, the strtok() function is used to parse string[] into space-delimited tokens, printing each word of the string on a new line. However, after the while loop ends, string[] will have been modified to look like this: "Hello\0secure\0coding\0wiki\0". Any further manipulation of string[] that assumes it is still whole (a strlen(), a strcpy(), a printf("%s")) will see only "Hello" instead of the expected string value.
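The following is an added example, not code from the original wiki page: it makes the side effect measurable by tokenizing the same text twice, once in place with strtok() and once on a private copy, and reports the length the caller observes afterwards. The function names (count_tokens_in_place, count_tokens_preserving, and the two demo_ helpers) are hypothetical names chosen for this illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Tokenizes buf in place, exactly as the non-compliant code does.
 * Returns the number of tokens found; buf is modified as a side effect. */
size_t count_tokens_in_place(char *buf, const char *delims) {
  size_t n = 0;
  for (char *tok = strtok(buf, delims); tok != NULL; tok = strtok(NULL, delims)) {
    n++;
  }
  return n;
}

/* Tokenizes a private copy of str so the caller's string is left untouched.
 * Returns the number of tokens, or (size_t)-1 if the copy could not be allocated. */
size_t count_tokens_preserving(const char *str, const char *delims) {
  size_t len = strlen(str) + 1;          /* include the terminating '\0' */
  char *copy = malloc(len);
  if (copy == NULL) {
    return (size_t)-1;
  }
  memcpy(copy, str, len);
  size_t n = count_tokens_in_place(copy, delims);
  free(copy);
  return n;
}

/* Hazard: after in-place strtok(), strlen() sees only the first token ("Hello"). */
size_t demo_length_after_in_place(void) {
  char string[] = "Hello secure coding wiki!";   /* constructed sample input */
  count_tokens_in_place(string, " ");
  return strlen(string);                          /* 5, not 25 */
}

/* Mitigation: tokenizing a copy leaves the original buffer whole. */
size_t demo_length_after_preserving(void) {
  char string[] = "Hello secure coding wiki!";   /* constructed sample input */
  count_tokens_preserving(string, " ");
  return strlen(string);                          /* 25 */
}

int main(void) {
  printf("tokens: %zu\n", count_tokens_preserving("Hello secure coding wiki!", " "));
  printf("strlen after in-place strtok():   %zu\n", demo_length_after_in_place());
  printf("strlen after tokenizing a copy:   %zu\n", demo_length_after_preserving());
  return 0;
}
```

The copy-then-tokenize pattern is the simplest mitigation when the original string is still needed afterwards; the cost is one allocation per parse. Note that strtok() also keeps internal state between calls, so even the copying variant is not safe to interleave with another strtok() loop in the same thread.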
...