SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 43

changes.mady.by.user Apoorv Dutta

Saved on

compared with

New Version 44

changes.mady.by.user Apoorv Dutta

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • For func (p,n), where 'p' is the pointer, 'n' is the integer and 'func' is the library function, the value of â€˜n’ should not be greater than the effective size of the pointer. Also, in situations where 'n' is an expression (see nonsee <a href="#cs2">non-compliant code/compliant solution 2 2</a> below) the effective type of the pointer should be compatible with either the derived type of 'n' or unsigned char.
  • For func (p,q, n), where 'p' and 'q' are both pointers, 'n' is the integer and 'func' is the library function, the value of â€˜n’ should not be greater than the effective size of any of the two pointers ('p' and 'q'). The effective type of the 'p' should be compatible with the derived type of 'n' or unsigned char. Similarly, the effective type of the 'p' should be compatible with the effective type of 'q' or unsigned char.
  • For expression E of the form: T* q = func (n), where 'func' is a memory allocation function, the value of 'n' should not be less than sizeof (T). Also, the effective type of 'T' should be compatible with either the derived type of 'n' or unsigned char.

...

Note: A possibility of this code being safe would be on architectures where sizeof (int) is equal to sizeof (float).

...

<a name="cs2">Compliant Solution</a>

In this compliant solution, the derived type of 'n' is also float (since it is a sizeof expression and therefore the derived is equal to the type of the operand, which is float; see derived type above)

...

Note: A possibility of this code being safe would be on architectures where sizeof (int) is equal to sizeof (float).

Compliant Solution

This compliant solution makes sure that the value of 'n' is not greater the the minimum of effective sizes of *p and *q and the effective types of the two pointers is also same (float).

...

Code Block
bgColor#FFcccc
wchar_t *f7() {

	const wchar_t *p = L"Hello, World!";
	const size_t n = sizeof(p) * (wcslen(p) + 1);

	wchar_t *q = (wchar_t *)malloc(n);
	return q;

}

Compliant Solution

This compliant solution makes sure that the derived type of 'n' (wchar_t) is same as the type of 'T' (wchar_t). Also, the value of 'n' is not less than the size of 'T'.

...