[metadata]
id = "API05-C"
type = "recommendation"
category = "API"
number = 5
title = "Use conformant array parameters"
description = """
Traditionally, C arrays are declared with an index that is either a fixed
constant or empty. An array with a fixed constant index indicates to the
compiler how much space to reserve for the array. An array declaration with an
empty index is an incomplete type and indicates that the variable references a
pointer to an array of indeterminate size. The term "conformant array
parameter" comes from Pascal; it refers to a function argument that is an array
whose size is specified in the function declaration. Since C99, C has supported
conformant array parameters by permitting array parameter declarations to use
extended syntax. Subclause 6.7.6.2, paragraph 1, of C11 [ISO/IEC 9899:2011]
summarizes the array index syntax extensions: Consequently, an array declaration
that serves as a function argument may have an index that is a variable or an
expression. The array argument is demoted to a pointer and is consequently not a
variable length array (VLA). Conformant array parameters can be used by
developers to indicate the expected bounds of the array. This information may be
used by compilers, or it may be ignored. However, such declarations are useful
to developers because they serve to document relationships between array sizes
and pointers. This information can also be used by static analysis tools to
diagnose potential defects.
"""
severity = "High"
likelihood = "Probable"
priority = "P12"
level = "L1"
cert_version = "2016 Edition (Wiki)"
last_modified = "Unknown"
[rules.cert_c.API05-C]
enabled = true
[references]
wiki = "https://wiki.sei.cmu.edu/confluence/display/c/API05-C.+Use+conformant+array+parameters"