Rule 18-0-5 scope

Moderators: david ward, misra cpp

dg1980
Posts: 109
Joined: Wed Apr 27, 2016 2:33 pm
Company: Elektrobit Automotive GmbH

Rule 18-0-5 scope

Post by dg1980 » Wed Apr 19, 2017 11:47 am

Does this rule apply to memcpy as well?
The heading of the rule uses the generic term functions while the body of the rule explicitly lists all string functions -> confusing!
So, since memcpy is declared in <cstring> the heading would fit here, while the body does not.
Nevertheless, since memcpy_s etc. are not available in C99/C++03, I think a deviation with reason "code quality/portability" would be justified.
Do you agree?

swestin
Posts: 8
Joined: Wed May 28, 2014 6:53 pm
Company: GrammaTech Inc.

Re: Rule 18-0-5 scope

Post by swestin » Wed Apr 19, 2017 3:18 pm

Isn't null termination the key point here?

Each of the listed functions depends on finding a null character to terminate the input string, making it vulnerable to overrun errors (or attacks). That's what is meant by "unbounded" in this rule. I believe the other functions all require an explicit length.

- Stephen

dg1980
Posts: 109
Joined: Wed Apr 27, 2016 2:33 pm
Company: Elektrobit Automotive GmbH

Re: Rule 18-0-5 scope

Post by dg1980 » Thu Apr 20, 2017 6:09 am

swestin wrote: Isn't null termination the key point here?

Each of the listed functions depends on finding a null character to terminate the input string, making it vulnerable to overrun errors (or attacks). That's what is meant by "unbounded" in this rule. I believe the other functions all require an explicit length.

- Stephen

If so, then the heading should be changed to:
"The unbounded string functions of library <cstring> shall not be used"

misra cpp
Posts: 150
Joined: Mon Jun 02, 2008 1:55 pm
Company: MISRA

Re: Rule 18-0-5 scope

Post by misra cpp » Wed Jul 12, 2017 2:21 pm

The rationale is about unterminated strings (e.g. use of strcpy) and requires the use of "a safe string handling library".

As memcpy is not unbounded (you provide the number of characters to copy) and it's not one of the functions listed in the rationale, the answer is No.

Posted by and on behalf of
the MISRA C++ Working Group
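
The bounded/unbounded distinction discussed in this thread, as an added example that is not part of any post and not MISRA's own code: a copy routine built only from length-taking `<cstring>` functions (memchr, memcpy), so neither the terminator scan nor the copy can run past a buffer. The name `bounded_copy` and the `CopyStatus` codes are hypothetical, and the sample buffers are constructed.

```cpp
#include <cstddef>
#include <cstring>
#include <cstdio>

// Hypothetical status codes for this example.
enum CopyStatus { COPY_OK, COPY_BAD_ARG, COPY_SRC_UNTERMINATED, COPY_DST_TOO_SMALL };

// Bounded stand-in for strcpy. strcpy reads src until it meets '\0', however
// far away that is; here the scan stops at src[src_cap - 1] and the copy
// never writes past dst[dst_cap - 1].
CopyStatus bounded_copy(char* dst, std::size_t dst_cap,
                        const char* src, std::size_t src_cap)
{
    if ((dst == 0) || (src == 0) || (dst_cap == 0U)) { return COPY_BAD_ARG; }
    dst[0] = '\0';  // on any failure dst is left as a valid empty string

    // memchr takes an explicit length, like memcpy, so the search is bounded.
    const void* const nul = std::memchr(src, '\0', src_cap);
    if (nul == 0) { return COPY_SRC_UNTERMINATED; }

    const std::size_t len =
        static_cast<std::size_t>(static_cast<const char*>(nul) - src);
    if (len >= dst_cap) { return COPY_DST_TOO_SMALL; }  // no silent truncation

    std::memcpy(dst, src, len + 1U);  // explicit count, terminator included
    return COPY_OK;
}

int main()
{
    char dst[8];
    const char ok[6]  = { 'h', 'e', 'l', 'l', 'o', '\0' };  // constructed input
    const char raw[4] = { 'a', 'b', 'c', 'd' };             // no terminator
    const char big[]  = "0123456789";                       // longer than dst

    std::printf("terminated:   %d\n", bounded_copy(dst, sizeof dst, ok, sizeof ok));
    std::printf("unterminated: %d\n", bounded_copy(dst, sizeof dst, raw, sizeof raw));
    std::printf("too long:     %d\n", bounded_copy(dst, sizeof dst, big, sizeof big));
    return 0;
}
```
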
