+- MISRA Discussion Forums (https://forum.misra.org.uk)
+-- Forum: MISRA C++ (https://forum.misra.org.uk/forumdisplay.php?fid=18)
+--- Forum: MISRA C++:2008 rules (https://forum.misra.org.uk/forumdisplay.php?fid=19)
+---- Forum: 6.18 Language support library (C++) (https://forum.misra.org.uk/forumdisplay.php?fid=146)
+---- Thread: Rule 18-0-5 scope (/showthread.php?tid=1338)
Rule 18-0-5 scope - dg1980 - 19-04-2017
Does this rule apply to memcpy as well?
The heading of the rule uses the generic term functions while the body of the rule explicitly lists all string functions -> confusing!
So, since memcpy is declared in the heading would fit here, while the body does not.
Nevertheless, since memcpy_s etc. is not available in C99/C++03 i think a deviation with reason "code quality/portability" would be justified.
Do you agree?
Re: Rule 18-0-5 scope - swestin - 19-04-2017
Isn't null termination the key point here?
Each of the listed functions depends on finding a null character to terminate the input string, making it vulnerable to overrun errors (or attacks). That's what is meant by "unbounded" in this rule. I believe the other functions all require an explicit length.
- Stephen
Re: Rule 18-0-5 scope - dg1980 - 20-04-2017
swestin Wrote:Isn't null termination the key point here?If so, then the heading should be changed to
Each of the listed functions depends on finding a null character to terminate the input string, making it vulnerable to overrun errors (or attacks). That's what is meant by "unbounded" in this rule. I believe the other functions all require an explicit length.
- Stephen
Quote:The unbounded string functions of library shall not be used
Re: Rule 18-0-5 scope - misra cpp - 12-07-2017
The rational is about unterminated strings (e.g. use of strcpy) and requires the use of "a safe string handling library".
As memcpy is not unbounded (you provide the number of characters to copy) and its not one of the functions listed in the rationale, the answer is No