MISRA C++:2008 Rule 18-0-5

The unbounded functions of library <cstring> shall not be used

expand all in page

Description

The unbounded functions of library <cstring> shall not be used.1

Rationale

The unbounded functions of library <cstring> does not check the bounds of a buffer when reading from it or writing into it. This results in accessing a buffer beyond its end, which is undefined behavior. Functions that reads a buffer beyond its end include: strcpy, strcmp, strcat, strchr, strspn, strcspn, strpbrk, strrchr, strstr, strtok and strlen.

Polyspace Implementation

Polyspace® reports a violation if you use any of these names in your code:

  • strcpy

  • strcmp

  • strcat

  • strchr

  • strspn

  • strcspn

  • strpbrk

  • strrchr

  • strstr

  • strtok

  • strlen

Troubleshooting

If you expect a rule violation but Polyspace does not report it, see Diagnose Why Coding Standard Violations Do Not Appear as Expected.

Examples

expand all

In this example, Polyspace reports a violation on the use of the unbounded strcpy() function.

#include <cstring>

void foo ( const char * ptr2char )
{
   char str [ 10 ];
   strcpy ( str, ptr2char );   // Non-compliant   
}

Check Information

Group: Language Support Library
Category: Required

Version History

Introduced in R2013b

See Also

Topics

1 All MISRA coding rules and directives are © Copyright The MISRA Consortium Limited 2021.

The MISRA coding standards referenced in the Polyspace Bug Finder™ documentation are from the following MISRA standards:

  • MISRA C:2004

  • MISRA C:2012

  • MISRA C:2023

  • MISRA C++:2008

  • MISRA C++:2023

MISRA and MISRA C are registered trademarks of The MISRA Consortium Limited 2021.