According to MISRA 2008, concatenation of wide and narrow string literals leads to undefined behavior. This is an implicit undefined behavior according to C99 ISO/IEC 9899:1999.
Noncompliant Code Example
This noncompliant code example concatenates wide and narrow string literals. Although the behavior is undefined in this case, the programmer probably intended to create a wide string literal.
| Code Block | ||||
|---|---|---|---|---|
| ||||
wchar_t *msg = L"This message is very long, so I want to divide it "
"into two parts.";
|
Compliant Solution (Wide String Literals)
If the concatenated string needs to be a wide string literal, each element in the concatenation must be a wide string literal, as in this compliant solution.
| Code Block | ||||
|---|---|---|---|---|
| ||||
wchar_t *msg = L"This message is very long, so I want to divide it "
L"into two parts.";
|
Compliant Solution (Narrow String Literals)
If wide string literals are unnecessary, it is better to use narrow string literals, as in this compliant solution.
| Code Block | ||||
|---|---|---|---|---|
| ||||
char *msg = "This message is very long, so I want to divide it "
"into two parts.";
|
Risk Assessment
The concatenation of wide and narrow string literals leads to undefined behavior.
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
STR10-C | low | probable | medium | P4 | L3 |
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Related Guidelines
MISRA Rule 2-13-5