Characters and Strings (STR)
- STR50-CPP. Guarantee that storage for strings has sufficient space for character data and the null terminator
- STR51-CPP. Do not attempt to create a std::string from a null pointer
- STR52-CPP. Use valid references, pointers, and iterators to reference elements of a basic_string
- STR53-CPP. Range check element access
The following rules from the SEI CERT C Coding Standard also apply in C++:
- STR30-C. Do not attempt to modify string literals
- STR31-C. Guarantee that storage for strings has sufficient space for character data and the null terminator
- STR32-C. Do not pass a non-null-terminated character sequence to a library function that expects a string
- STR34-C. Cast characters to unsigned char before converting to larger integer sizes
- STR37-C. Arguments to character-handling functions must be representable as an unsigned char
- STR38-C. Do not confuse narrow and wide character strings and functions
Information for Editors
To have a new guideline automatically listed above be sure to label it str and rule .
Risk Assessment Summary
| Rule | Severity | Likelihood | Detectable | Repairable | Priority | Level |
|---|---|---|---|---|---|---|
| STR50-CPP | High | Likely | No | No | P9 | L2 |
| STR51-CPP | High | Likely | No | Yes | P18 | L1 |
| STR52-CPP | High | Probable | No | No | P6 | L2 |
| STR53-CPP | High | Unlikely | No | No | P3 | L3 |
