[metadata]
id = "API07-C"
type = "recommendation"
category = "API"
number = 7
title = "Enforce type safety"
description = """
Upon return, functions should guarantee that any object returned by the
function, or any modified value referenced by a pointer argument, is a valid
object of function return type or argument type. Otherwise, type errors can
occur in the program. A good example is the null-terminated byte string type in
C. If a string lacks the terminating null character, the program may be tricked
into accessing storage after the string as legitimate data. A program may, as a
result, process a string it should not process, which might be a security flaw
in itself. It may also cause the program to abort, which might be a
denial-of-service attack. The emphasis of this recommendation is to avoid producing
unterminated strings; it does not address processing of already existing
unterminated strings. However, by preventing the creation of unterminated
strings, the need to process them is greatly lessened.
"""
severity = "Medium"
likelihood = "Unlikely"
priority = "P2"
level = "L3"
cert_version = "2016 Edition (Wiki)"
last_modified = "May 20, 2025"
[rules.cert_c.API07-C]
enabled = true
[references]
wiki = "https://wiki.sei.cmu.edu/confluence/display/c/API07-C.+Enforce+type+safety"
cwe = ["CWE-192", "CWE-227", "CWE-590", "CWE-686", "CWE-704", "CWE-761", "CWE-762", "CWE-843"]