06-09-2024, 05:12 PM
Firstly, the rule isn't only concerned with string functions
Your project has to decide what an independent component is, with regard to where it is getting its information from. We believe that the spirit of the rule is to validate any input that you do not have guarantees on it or which comes from an untrustworthy source.
The interpretation of 'validate' depends on the expectations you have for the data being input. Should it be in a particular range of values or in a particular format? What happens when those expectations aren't met?
Your project has to decide what an independent component is, with regard to where it is getting its information from. We believe that the spirit of the rule is to validate any input that you do not have guarantees on it or which comes from an untrustworthy source.
The interpretation of 'validate' depends on the expectations you have for the data being input. Should it be in a particular range of values or in a particular format? What happens when those expectations aren't met?
Posted by and on behalf of
the MISRA C++ Working Group
the MISRA C++ Working Group