Page History

The There are three character types: char, signed char, and unsigned char are collectively called the character types. Compilers have the latitude to define char to have the same range, representation, and behavior as either signed char or unsigned char. Irrespective of the choice made, {{char}} is a separate type from the other two and is not compatible with either.

Use For characters in the basic character set, it does not matter which data type is used, except for type compatibility. Consequently, it is best to use plain char for character data for compatibility with standard string-handling functions.

The only permissible In most cases, the only portable operators on plain char types are assignment and equality operators (=, ==, != ).

Non-Compliant Code Example

. An exception is the translation to and from digits. For example, if the char c is a digit, c - '0' is a value between 0 and 9.

Noncompliant Code Example

This noncompliant code example simply shows the standard string-The following non-compliant code example simply illustrates calling the standard string handling function strlen() being called with a plain character string, a signed character string, and an unsigned character string. The strlen() function takes a single argument of type const char *:

#include <string.h>

int main(void) {
  size_t len;
  char cstr[] = "char string";
  signed char scstr[] = "signed char string";
  unsigned char ucstr[] = "unsigned char string";

  len = strlen(cstr);
  len = strlen(scstr);  /* warnsWarns when char is unsigned */
  len = strlen(ucstr);  /* warnsWarns when char is signed */
  return 0;
}

Compiling at high warning levels , in compliance with MSC00-AC. Compile cleanly at high warning levels causes warnings to be issue issued when converting

• Converting from unsigned char[] to const char * when char is signed

...

• Converting from signed char[] to const char * when char is defined to be unsigned

. Casts are required to eliminate these warnings, but excessive casts can make code difficult to read and hide legitimate warning messages.

If this C code were to compiled using a C++ compiler, conversions between from unsigned char[] to const char * and from signed char[] to const char * would be be flagged as errors requiring casts.

Compliant Solution

The compliant solution uses plain char for character data.:

#include <string.h>

int main(void) {
  size_t len;
  char cstr[] = "char string";

  len = strlen(cstr);
  return 0;
}

Risk Assessment

Conversions are not required, and the code compiles cleanly at high warning levels without casts.

Risk Assessment

Failing to use plain char for characters in the basic character set can lead to excessive casts and less effective compiler diagnostics.

Automated Detection

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

References

Related Guidelines

...

Image Added Image Added Image Added Wiki Markup\[[ISO/IEC 9899-1999|AA. C References#ISO/IEC 9899-1999]\] Section 6.2.5, "Types" \[[MISRA 04|AA. C References#MISRA 04]\] Rule 6.1, "The plain char type shall be used only for the storage and use of character values."