V2645. MISRA. The language features specified in Annex K should not be used.
This diagnostic rule is based on the MISRA (Motor Industry Software Reliability Association) software development guidelines.
This diagnostic rule is relevant only for C.
Annex K ("Bounds-checking interfaces") of the C11 language standard describes an alternative function library (Clause K.3) intended for safer and more secure programming. For example, the strcpy function does not check the bounds of the destination buffer, so a source string that is too long overflows it. The Annex K alternative is strcpy_s, which takes the size of the destination buffer, checks that the source fits and, if it does not, reports the problem through the runtime-constraint handler and returns a non-zero error value instead of writing past the buffer.
An implementation may provide functions with these names as its own extension even when the __STDC_WANT_LIB_EXT1__ macro is not defined. Such functions are not the Annex K interfaces, and calling them does not violate this rule. When __STDC_WANT_LIB_EXT1__ is defined before the standard headers are included, however, the same names denote the Annex K extension. Relying on that extension can give different results on different implementations: the standard makes Annex K optional, and the behavior on a runtime-constraint violation (for instance, a destination buffer that is too small) is delegated to a runtime-constraint handler whose default action is left to the standard library developers. For this reason MISRA prohibits the functions, types, and macros listed in Annex K whenever the __STDC_WANT_LIB_EXT1__ macro expands to 1.
The example:
#define __STDC_WANT_LIB_EXT1__ 1   /* requests the Annex K interfaces */
#include <string.h>
void foo(void)
{
  const char* src = "Hello";
  char dst[30];
  int res = strcpy_s(dst, sizeof(dst), src);   /* Annex K function: the rule is violated here */
  (void)res;
}
The strcpy_s function copies the src string to the dst buffer with a bounds check that prevents overflow. Nevertheless, the analyzer issues a warning on the example above: because the __STDC_WANT_LIB_EXT1__ macro is defined, strcpy_s here is the function from the alternative library of Annex K, which the rule forbids.
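Because the rule bans the Annex K library, the practical question is what to copy with instead. The following is an added example, not code from the diagnostic page or from PVS-Studio: a small bounded copy in portable C that keeps the useful part of the strcpy_s contract (refuse and report instead of overflowing) while spelling out the failure behavior in the caller's own code rather than delegating it to a library-defined runtime-constraint handler. The function names bounded_strcpy and annex_k_available and the 0/-1 return convention are assumptions of this example; the inputs are constructed.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Reports whether the library advertises Annex K: C11 K.3.1.1 requires an
 * implementation that supports the bounds-checking interfaces to predefine
 * __STDC_LIB_EXT1__. Under this rule the answer must not change the code you
 * write; it is only useful for a build log. */
int annex_k_available(void)
{
#ifdef __STDC_LIB_EXT1__
    return 1;
#else
    return 0;
#endif
}

/* bounded_strcpy (name and return convention are assumptions of this example):
 * copies src into dst[dstsz]. Returns 0 on success and -1 if src, including
 * its terminator, does not fit or an argument is invalid. On failure dst is
 * made an empty string rather than left half-written, so a caller that
 * ignores the result still holds a terminated string. Unlike strcpy_s, the
 * failure path is written out here: no library-defined handler runs. */
int bounded_strcpy(char *dst, size_t dstsz, const char *src)
{
    if (dst == NULL || dstsz == 0) {
        return -1;              /* nothing we could safely write to */
    }
    if (src == NULL) {
        dst[0] = '\0';
        return -1;
    }

    /* Measure src, but never look further than dstsz bytes: a very long or
     * unterminated source is rejected without scanning all of it. */
    size_t len = 0;
    while (len < dstsz && src[len] != '\0') {
        len++;
    }
    if (len == dstsz) {         /* no room for the terminator */
        dst[0] = '\0';
        return -1;
    }

    memcpy(dst, src, len + 1);  /* len + 1 <= dstsz, includes the NUL */
    return 0;
}

int main(void)
{
    /* Constructed inputs: the page's 30-byte buffer, one source that fits
     * and one that would have overflowed a plain strcpy. */
    char dst[30];
    const char *ok_src = "Hello";
    const char *too_long = "This string is longer than the 30-byte buffer";

    printf("Annex K advertised by this library: %s\n",
           annex_k_available() ? "yes" : "no");

    if (bounded_strcpy(dst, sizeof dst, ok_src) == 0) {
        printf("copied: \"%s\"\n", dst);
    }
    if (bounded_strcpy(dst, sizeof dst, too_long) != 0) {
        printf("rejected %zu-byte source, dst is \"%s\"\n",
               strlen(too_long), dst);
    }
    return 0;
}
```

Checking the return value is still the caller's job; clearing dst on failure only makes a missed check fail closed instead of leaking stale or partial data. Note the two different macros: __STDC_LIB_EXT1__ is predefined by an implementation that supports Annex K, whereas __STDC_WANT_LIB_EXT1__ is the macro user code defines to request the interfaces, and it is the latter that this diagnostic looks for.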
This diagnostic is classified as: