SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 16

changes.mady.by.user Shaun Hedrick

Saved on

compared with

New Version 17

changes.mady.by.user Justin Pincar

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Edited by sciSpider v2.1 (sch jbop) (X_X)@==(Q_Q)@

...

It is common for an array variable to be declared with both a string literal, and a size index which specifies the number of characters in the string literal. This is one too few characters to hold the string, since it does not account for the terminating null character. Such a sequence of characters has limited utility and has the potential to cause vulnerabilities if a null-terminated byte string is assumed. ThusAs a result, the size index for a character array must never be explicit.

...

Wiki Markup
\[[ISO/IEC 9899-:1999|AA. C References#ISO/IEC 9899-1999]\] 
\[[Seacord 05a|AA. C References#Seacord 05a]\] Chapter 2, "Strings"
[The Embedded C++ Programming Guide Lines|http://www.caravan.net/ec2plus/guide.html].  Version WP-GU-003. 6,Jan 1998 by the Embedded C++ Technical Committee A.8 Character array initialization

...