For portable applications, use only the assignment =
operator, the equality operators ==
and !=
, and the unary &
operator on plain-character-typed or plain-wide-character-typed expressions.
This is practice is recommended because the C99 standard C Standard requires only the digit characters ('0' - '9'0–9) to have consecutive numerical values. Consequently, operations that rely on expected values for plain-character- or plain-wide-character-typed expressions can lead to unexpected behavior.
...
- The binary
+
operator may be used to add integer values from 0 to through 9 to'0'
. - The binary
-
operator may be used to subtract character ' 0'. - Relational operators
<
,<=
,>
, and>=
can be used to check whether a character or wide character is a digit.
Character types should be chosen and used in accordance with recommendation STR04-C. Use plain char for characters in the basic character set.
...
This noncompliant code example attempts to determine if the value of a character variable is between 'a'
and 'c'
inclusive. However, because the C99 standard C Standard does not require the letter characters to be in consecutive or in alphabetical or alphabetic order, the check might not work as expected.
Code Block | ||||
---|---|---|---|---|
| ||||
char ch = 'b';
if ((ch >= 'a') && (ch <= 'c')) {
/* ... */
}
|
...
In this example, the specific check is enforced using compliant operations on character expressions.:
Code Block | ||||
---|---|---|---|---|
| ||||
char ch = 't';
if ((ch == 'a') || (ch == 'b') || (ch == 'c')) {
/* ... */
}
|
Exceptions
STR09-C-EX0EX1: Consecutive values for characters like a~z
can be assumed on platforms where ASCII or Unicode is used. This recommendation is primarily concerned with platform portability, for example, if code is migrated from ASCII systems to non-ASCII systems.
Risk Assessment
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
---|---|---|---|---|---|
STR09-C |
Low |
Unlikely |
Low | P3 | L3 |
Automated Detection
Tool | Version | Checker | Description | ||||||
Astrée |
| Supported indirectly via MISRA C:2012 rule 10.1. | |||||||
Axivion Bauhaus Suite |
| CertC-STR09 | |||||||
Helix QAC |
| C2106, C2107 | |||||||
LDRA tool suite |
| 329 S | Fully implemented | ||||||
Parasoft C/C++test |
| CERT_C-STR09-a | Expressions with type (plain) char and wchar_t shall not be used as operands to built-in operators other than =, ==, != and the unary & operator | ||||||
PC-lint Plus |
| 9209 | Fully supported | ||||||
RuleChecker |
| Supported indirectly via MISRA C:2012 rule 10.1. |
Related Guidelines
...
...
Bibliography
[Jones 2009] | Section 5.2.1, "Character |
...
Sets" |
...