SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 4

changes.mady.by.user Victor Vilchis

Saved on

compared with

New Version Current

changes.mady.by.user Jill Britton

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

The C ISO Standard defines octal constants as a 0 followed by octal digits (0 1 2 3 4 5 6 7).

This can lead to programming errors in constants that are meant to be taken by their decimal value, especially when declaring multiple constants and preserving fixed length.

Example

When declaring integer constants as in:

Programming errors can occur when decimal values are mistakenly specified as octal constants.

Noncompliant Code Example

In this noncompliant code example, a decimal constant is mistakenly prefaced with zeros so that all the constants are a fixed length:

Code Block
bgColor#FFCCCC
langc
Code Block

i_array[0] = 2192719;
i_array[1] = 042;

The constant

Code Block

042

is interpreted as octal, with decimal value

Code Block

34

Which might or might not be what the programmer wanted.

Risk assesment

4435;
i_array[2] = 0042;

Although it may appear that i_array[2] is assigned the decimal value 42, it is actually assigned the decimal value 34.

Compliant Solution

To avoid using wrong values and to make the code more readable, do not preface constants with zeroes if the value is meant to be decimal:

Code Block
bgColor#CCCCFF
langc
i_array[0] = 2719;
i_array[1] = 4435;
i_array[2] =   42;

Risk Assessment

Misrepresenting decimal values as octal can lead to incorrect comparisons and assignmentsMisinterpreting decimal values as octal could lead to an incorrect value being written into code.

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

DCL18-C

low

Low

unlikely

Unlikely

low

Low

P3

L3

References

Automated Detection

Tool

Version

Checker

Description

Astrée
Include Page
Astrée_V
Astrée_V
octal-constantFully checked
Axivion Bauhaus Suite
Include Page
Axivion Bauhaus Suite_V
Axivion Bauhaus Suite_V
CertC-DCL18
CodeSonar
Include Page
CodeSonar_V
CodeSonar_V
LANG.TYPE.OCOctal constant
Helix QAC
Include Page
Helix QAC_V
Helix QAC_V
C0339, C1272
Klocwork
Include Page
Klocwork_V
Klocwork_V
MISRA.TOKEN.OCTAL.ESCAPE
MISRA.TOKEN.OCTAL.INT
LDRA tool suite 
Include Page
LDRA_V
LDRA_V
83 SFully Implemented
Parasoft C/C++test
Include Page
Parasoft_V
Parasoft_V

CERT_C-DCL18-a
CERT_C-DCL18-b

Octal and hexadecimal escape sequences shall be terminated
Octal constants (other than zero) shall not be used

PC-lint Plus

Include Page
PC-lint Plus_V
PC-lint Plus_V

9001

Fully supported

Polyspace Bug Finder

Include Page
Polyspace Bug Finder_V
Polyspace Bug Finder_V

CERT C: Rec. DCL18-CChecks for use of octal constants (rec. fully covered)


PVS-Studio

Include Page
PVS-Studio_V
PVS-Studio_V

V536
RuleChecker
Include Page
RuleChecker_V
RuleChecker_V
octal-constantFully checked
SonarQube C/C++ Plugin
Include Page
SonarQube C/C++ Plugin_V
SonarQube C/C++ Plugin_V
OctalConstantAndSequence

Related Guidelines

MISRA C:2012Rule 7.1 (required)


...

Image Added Image Added Image Added Wiki Markup\[[ISO/IEC 9899:1999|cplusplus:AA. C References#ISO/IEC 9899-1999]\] Section 6.4.4.1 "Integer constants" \[cplusplus:MISRA 04\] Section 6.7 Rule 7.1