...
Statically allocated strings assumes assume a fixed size character array, meaning that it is impossible to add data after the buffer is filled. Because the static approach discards excess data, actual program data can be lost. Consequently, the resulting string must be fully validated.
Dynamically allocated buffers dynamically resize as additional memory is required. Dynamic approaches scale better and do not discard excess data. The major disadvantage is that if inputs are not limited they can exhaust memory on a machine consequently be used in denial-of-service attacks.
| Wiki Markup |
|---|
DynamicalDynamic allocation is often disallowed in safety critical systems. For example, the MISRA standard requires that "Dynamic heap memory allocation shall not be used" \[[MISRA 04|AA. C References#MISRA 04]\]. Some safety critical systems can take advantage of dynamic memory allocation during initialization, but not during operations. For example, avionics software may dynamically allocate memory while initializing the aircraft, but not during flight. |
...