SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 3

changes.mady.by.user Alex Volkovitsky

Saved on

compared with

New Version 4

changes.mady.by.user Justin Pincar

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Edited by sciSpider v2.1 (sch jbop) (X_X)@==(Q_Q)@

...

The managed string library is based on a dynamic approach in which memory is allocated and reallocated as required. This approach eliminates the possibility of unbounded copies, NULLnull-termination errors, and truncation by ensuring there is always adequate space available for the resulting string (including the terminating NULL null character).

A runtime-constraint violation occurs when memory cannot be allocated. In this way, the managed string library accomplishes the goal of succeeding or failing in a pronounced manner.

The managed string library also provides a mechanism for dealing with data sanitization by (optionally) checking that all characters in a string belong to a predefined set of "safe" characters.

The following code illustrates shows how the managed string library can be used to create a managed string and retrieve a NULLnull-terminated byte string from the managed string.

Code Block
errno_t retValue;
char *cstr;  /* pointer to NULLnull-terminated byte string */
string_m str1 = NULL;

retValue = strcreate_m(&str1, "hello, world", 0, NULL);
if (retValue != 0)) {
  fprintf(stderr, "Error %d from strcreate_m.\n", retValue);
}
else { /* retrieve NULLnull-terminated byte string and print */
  retValue = getstr_m(&cstr, str1);
  if (retValue != 0) {
    fprintf(stderr, "error %d from getstr_m.\n", retValue);
  }
  printf("(%s)\n", cstr);
  free(cstr); /* free NULLnull-terminated byte string */
  cstr = NULL;
}

Wiki Markup
Note that the calls to {{fprintf()}} and {{printf()}} are C99 \[[ISO/IEC 9899-:1999|AA. C References#ISO/IEC 9899-1999]\] standard functions and not managed string functions.

...

Wiki Markup
String handling functions defined in C99 \[[ISO/IEC 9899-:1999|AA. C References#ISO/IEC 9899-1999]\] Section 7.21 and elsewhere are susceptible to common programming errors that can lead to serious, exploitable [vulnerabilities|BB. Definitions#vulnerability]. Managed strings, when used properly, can eliminate many of these errors, particularly in new development.

...

Wiki Markup
\[[Burch 06|AA. C References#Burch06]\]
\[[CERT 06c|AA. C References#CERT 06c]\]
\[[ISO/IEC 9899-:1999|AA. C References#ISO/IEC 9899-1999]\] Section 7.21, "String handling <string.h>"
\[[Seacord 05a|AA. C References#Seacord 05a]\] Chapter 2, "Strings"

...