...
| | | |
| | | |
| | | |
| | | |
Non-Compliant Code Example
This non-compliant code example may pass invalid values to the isspace() function.
| Code Block | ||
|---|---|---|
| ||
size_t count_whitespace(char const *s, size_t length) {
char const *t = s;
while (isspace(*t) && (t - s < length)) /* possibly *t < 0 */
++t;
return t - s;
}
|
Compliant Solution (Unsigned Char)
Pass character strings around explicitly using unsigned characters.
...
| Wiki Markup |
|---|
This approach is inconvenient when you need to interwork with other functions that haven't been designed with this approach in mind, such as the string handling functions found in the standard library \[[Kettlewell 02|AA. C References#Kettlewell 02]\]. |
Compliant Solution (Cast)
This compliant solution uses a cast.
| Code Block | ||
|---|---|---|
| ||
size_t count_whitespace(char const *s, size_t length) {
char const *t = s;
while (isspace((unsigned char)*t) && (t - s < length))
++t;
return t - s;
}
|
Risk Assessment
Passing values to character handling functions that cannot be represented as an unsigned char may result in unintended program behavior.
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
INT37 STR37-C | low | unlikely | low | P3 | L3 |
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
References
| Wiki Markup |
|---|
\[[ISO/IEC 9899-1999|AA. C References#ISO/IEC 9899-1999]\] Section 7.4, "Character handling <ctype.h>" \[[Kettlewell 02|AA. C References#Kettle 02]\] Section 1.1, "<ctype.h> And Characters Types" |
...