According to MISRA 2008, concatenation of wide and narrow string literals leads to undefined behavior. This was once considered implicitly undefined behavior. However, [ISO/IEC 9899:2011] does define this behavior, and C11 explains it further in Section 6.4.5, paragraph 5:
In translation phase 6, the multibyte character sequences specified by any sequence of adjacent character and identically-prefixed string literal tokens are concatenated into a single multibyte character sequence. If any of the tokens has an encoding prefix, the resulting multibyte character sequence is treated as having the same prefix; otherwise, it is treated as a character string literal. Whether differently-prefixed wide string literal tokens can be concatenated and, if so, the treatment of the resulting multibyte character sequence are implementation-defined.
Nonetheless, all string literals that are concatenated should be of the same type, so that the code relies neither on implementation-defined behavior nor, when compiled on a platform that supports only C90, on undefined behavior.
Noncompliant Code Example
This noncompliant code example concatenates wide and narrow string literals. Although the behavior is undefined in this case, the programmer probably intended to create a wide string literal.
wchar_t *msg = L"This message is very long, so I want to divide it " "into two parts.";
Compliant Solution (Wide String Literals)
If the concatenated string needs to be a wide string literal, each element in the concatenation must be a wide string literal, as in this compliant solution.
wchar_t *msg = L"This message is very long, so I want to divide it " L"into two parts.";
Compliant Solution (Narrow String Literals)
If wide string literals are unnecessary, it is better to use narrow string literals, as in this compliant solution.
char *msg = "This message is very long, so I want to divide it " "into two parts.";
Risk Assessment
The concatenation of wide and narrow string literals leads to undefined behavior.
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
---|---|---|---|---|---|
STR10-C | low | probable | medium | P4 | L3 |
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Related Guidelines
MISRA Rule 2-13-5