...
- memset()
- memset_s()
- fprintf() and related functions (For the length modifier c, if no l length modifier is present, the int argument is converted to an unsigned char, and the resulting character is written.)
- fputc()
- ungetc()
- memchr()
And to arguments to the following library functions that are converted to char:

- strchr()
- strrchr()
- All of the functions listed in <ctype.h>
The only integer type conversions that are guaranteed to be safe for all data values and all possible conforming implementations are conversions of an integral value to a wider type of the same signedness. The C Standard, subclause 6.3.1.3 [ISO/IEC 9899:2011], says,
...
```c
#include <string.h>
#include <stddef.h>
#include <limits.h>

int *init_memory(int *array, size_t n) {
  /* Noncompliant: memset() converts 4096 to unsigned char before storing it */
  return memset(array, 4096, n);
}
```
...
In general, the memset() function should not be used to initialize an integer array unless it is to set or clear all the bits, as in this compliant solution:
```c
#include <string.h>
#include <stddef.h>
#include <limits.h>

int *init_memory(int *array, size_t n) {
  /* Compliant: 0 is representable as unsigned char, so all bits are cleared */
  return memset(array, 0, n);
}
```
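The following added example (not part of the original guideline) shows what memset() actually stores when given a fill value such as 4096, and two ways to avoid the silent conversion. The helper names `stored_byte`, `int_after_memset`, `checked_memset` and `fill_ints` are hypothetical and were chosen for this illustration.

```c
#include <limits.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper: the byte memset() really writes for a given int argument. */
unsigned char stored_byte(int value) {
  unsigned char b;
  memset(&b, value, 1);
  return b;
}

/* Hypothetical helper: the int that results from memset()-ing every byte to value. */
int int_after_memset(int value) {
  int x;
  memset(&x, value, sizeof x);
  return x;
}

/* Hypothetical wrapper: refuse fill values that conversion to unsigned char
 * would change. Pass 0 to clear all bits or UCHAR_MAX to set all bits.
 * Returns NULL when the value is rejected and dest is left untouched. */
void *checked_memset(void *dest, int value, size_t nbytes) {
  if (value < 0 || value > UCHAR_MAX) {
    return NULL;
  }
  return memset(dest, value, nbytes);
}

/* Hypothetical helper: element-wise fill, correct for any int value. */
int *fill_ints(int *array, size_t count, int value) {
  for (size_t i = 0; i < count; i++) {
    array[i] = value;
  }
  return array;
}

int main(void) {
  int a[4];
  printf("byte stored for 4096: %u\n", (unsigned)stored_byte(4096));
  printf("int after memset(.., 1, ..): %d\n", int_after_memset(1));
  printf("checked_memset(4096) rejected: %d\n",
         checked_memset(a, 4096, sizeof a) == NULL);
  printf("fill_ints gives a[3] = %d\n", fill_ints(a, 4, 4096)[3]);
  return 0;
}
```

Note that `fill_ints` takes an element count, while `checked_memset`, like memset(), takes a byte count.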
...
| SEI CERT C Coding Standard | DCL03-C. Use a static assertion to test the value of a constant expression |
| CERT Oracle Secure Coding Standard for Java | NUM12-J. Ensure conversions of numeric types to narrower types do not result in lost or misinterpreted data |
| ISO/IEC TR 24772:2013 | Numeric Conversion Errors [FLC] |
| MISRA C:2012 | Rule 10.1 (required) |
| MITRE CWE | CWE-192, Integer Coercion Error; CWE-197, Numeric Truncation Error; CWE-681, Incorrect Conversion between Numeric Types |
...