[metadata]
id = "STR00-C"
type = "recommendation"
category = "STR"
number = 0
title = "Represent characters using an appropriate type"
description = """
Strings are a fundamental concept in software engineering, but they are not a
built-in type in C. Null-terminated byte strings (NTBS) consist of a contiguous
sequence of characters terminated by and including the first null character and
are supported in C as the format used for string literals. The C programming
language supports single-byte character strings, multibyte character strings,
and wide-character strings. Single-byte and multibyte character strings are both
described as null-terminated byte strings, which are also callednarrowcharacter
strings. A pointer to a null-terminated byte string points to its initial
character. The length of the string is the number of bytes preceding the null
character, and the value of the string is the sequence of the values of the
contained characters, in order. A wide string is a contiguous sequence of wide
characters (of typewchar_t) terminated by and including the first null wide
character. A pointer to a wide string points to its initial (lowest addressed)
wide character. The length of a wide string is the number of wide characters
preceding the null wide character, and the value of a wide string is the
sequence of code values of the contained wide characters, in order.
"""
severity = "Medium"
likelihood = "Probable"
priority = "P4"
level = "L3"
cert_version = "2016 Edition (Wiki)"
last_modified = "Jul 24, 2025"
[rules.cert_c.STR00-C]
enabled = true
[references]
wiki = "https://wiki.sei.cmu.edu/confluence/display/c/STR00-C.+Represent+characters+using+an+appropriate+type"