CERT C: Rec. STR00-C

Represent characters using an appropriate type

Since R2026a

expand all in page

Description

Represent characters using an appropriate type1

Polyspace Implementation

The rule checker checks for Inappropriate type for characters.

Examples

expand all

Issue

This issue occurs when any of these conditions are true:

  • The code uses the numerical value of a character, including implicit and explicit conversions to or from char.

  • An object is converted to wchar_t but the object is not a plain char string, multibyte string, or wide string.

  • A constant string containing non-ASCII characters is converted to a plain char string.

  • A constant string is converted to anything other than a plain char string, multibyte string, or wide string.

Polyspace® does not report a violation if an unsigned enumeration member is assigned to signed or unsigned char variables.

Risk

Using inappropriate types for strings can lead to undefined and unexpected behavior.

Fix

Use plain char, byte, multibyte, or wchar_t types for characters. Use null terminated arrays of these types as strings.

Example

This example shows the use of inappropriate types for characters.

#include <wchar.h>
void foo(){
    
    // plain char/wide char converted to signed int implicitly
    char myChar = 45; //Noncompliant
    wchar_t myWchar = 45;  //Noncompliant

    // widechar is stored in char
    char pound = '£'; //Noncompliant

    //constant string converted to signed char[] instead of plain char[] 
    signed char greet[] = "Hello"; //Noncompliant

    //Implicit conversion
    char c_var = 'B';
    c_var = c_var + 'A'; //Noncompliant

    //Use of signed char instead of plain char
    signed char sChar = 'A'; //Noncompliant

}
In this code, Polyspace reports a violation when:

  • Integer values are converted to plain char or wchar_t.

  • A constant string or a constant character is converted to a signed char type instead of plain char type.

Correction

To fix these violations, use appropriate types for characters and strings.

#include <wchar.h>
void foo() {

	// To hold small integers, use signed or unsigned char
	unsigned char myChar = 45; //Compliant
	unsigned char myWchar = 45;  //Compliant

	// widechar is stored in char
	wchar_t pound = '£'; //Compliant

	//Use plain char[]  to hold string constants
	char greet[] = "Hello"; //Compliant

	//Use char[] for arrays
	char c_var[3];
	c_var[0] = 'B';
	c_var[1] = 'A';
	c_var[2] = '\0';

	//Use plain char to hold characters
	char sChar = 'A';
}

Check Information

Group: Rec. 07. Characters and Strings (STR)
PQL Name: std.cert.STR00_C

Version History

Introduced in R2026a

See Also

Topics

1 This software has been created by MathWorks incorporating portions of: the “SEI CERT-C Website,” © 2017 Carnegie Mellon University, the SEI CERT-C++ Web site © 2017 Carnegie Mellon University, ”SEI CERT C Coding Standard – Rules for Developing safe, Reliable and Secure systems – 2016 Edition,” © 2016 Carnegie Mellon University, and “SEI CERT C++ Coding Standard – Rules for Developing safe, Reliable and Secure systems in C++ – 2016 Edition” © 2016 Carnegie Mellon University, with special permission from its Software Engineering Institute.

ANY MATERIAL OF CARNEGIE MELLON UNIVERSITY AND/OR ITS SOFTWARE ENGINEERING INSTITUTE CONTAINED HEREIN IS FURNISHED ON AN "AS-IS" BASIS. CARNEGIE MELLON UNIVERSITY MAKES NO WARRANTIES OF ANY KIND, EITHER EXPRESSED OR IMPLIED, AS TO ANY MATTER INCLUDING, BUT NOT LIMITED TO, WARRANTY OF FITNESS FOR PURPOSE OR MERCHANTABILITY, EXCLUSIVITY, OR RESULTS OBTAINED FROM USE OF THE MATERIAL. CARNEGIE MELLON UNIVERSITY DOES NOT MAKE ANY WARRANTY OF ANY KIND WITH RESPECT TO FREEDOM FROM PATENT, TRADEMARK, OR COPYRIGHT INFRINGEMENT.

This software and associated documentation has not been reviewed nor is it endorsed by Carnegie Mellon University or its Software Engineering Institute.