Main Content

CERT C++: STR51-CPP

Do not attempt to create a std::string from a null pointer

Since R2022b

expand all in page

Description

Rule Definition

Do not attempt to create a std::string from a null pointer.1

Polyspace Implementation

The rule checker checks for the issue String operations on null pointer.

Examples

expand all

Issue

This issue occurs when:

  • You perform string operations that require calling std::char_traits::length() on NULL, 0, or nullptr. Examples of such string operations are creating, appending, assigning, inserting, or replacing the string. For a list of operations that results in call to std::char_traits::length(), see STR51-CPP.

    This issue is a specific instance of the issue Null pointer, which causes violations of CERT C++: EXP34-C. Consider this code:

    std::string getString(); //returns nullptr
void foo(){
    std::string str{getString()};//Defect
}
    Construction of str requires an implicit call to std::char_traits::length(). Polyspace® reports a violation because getString() returns a nullptr, which results in calling std::char_traits::length() on nullptr.

  • You perform certain string operations on a nonnull pointer to an uninitialized memory block. Consider this code:

    void foo() {

	const char* uninitialized = (const char*)std::malloc(size*sizeof(char) + 1);;
	 std::string tmp(uninitialized);  //Noncompliant
}
    Polyspace reports a violation of this rule when tmp is constructed by using the uninitialized memory in uninitialized.

A violation of this rule is not reported for stubbed functions.

Risk

Performing string operations that require calling std::char_traits::length() on NULL, 0, or nullptr might result in an undefined behavior. The function std::char_traits::length() dereferences the null pointer, which is an undefined behavior.

Performing string operations on uninitialized memory results in unexpected outcome and might result in bugs that are difficult to diagnose.

Fix

Check if the string object is a null pointer or an empty string before you perform string operations.

Example — String Operations Using Null Pointer
#include <cstdlib>
#include <string>

int status;
const char *getInput()
{
    return status == 0 ? std::getenv("TMP") : nullptr;

}

void foo()
{
    status=1;
    const char *data = getInput();
    //...
    std::string str(data);   // Noncompliant
    str.append(data);        // Noncompliant
    str.assign(data);        // Noncompliant
    str.insert(0, data);     // Noncompliant
    str.replace(0, 1, data); // Noncompliant
}

In this example, the const char* object data is created by calling getInput(), and then various string operations are performed by using data. Polyspace reports a violation of this rule for each string operation because the function getInput() returns a nullptr which is then assigned to data.

Correction — Avoid Performing String Operation on Null Pointers

Modify getInput() so that the function does not return a nullptr.

#include <cstdlib>
#include <string>

int status;
const char *getInput()
{
    return status == 0 ? std::getenv("TMP") : "";

}

void foo()
{
    status=1;
    const char *data = getInput();
    //...
    std::string str(data);   // Compliant
    str.append(data);        // Compliant
    str.assign(data);        // Compliant
    str.insert(0, data);     // Compliant
    str.replace(0, 1, data); // Compliant
}

Check Information

Group: 05. Characters and Strings (STR)

Version History

Introduced in R2022b

expand all

See Also

Topics

External Websites

1 This software has been created by MathWorks incorporating portions of: the “SEI CERT-C Website,” © 2017 Carnegie Mellon University, the SEI CERT-C++ Web site © 2017 Carnegie Mellon University, ”SEI CERT C Coding Standard – Rules for Developing safe, Reliable and Secure systems – 2016 Edition,” © 2016 Carnegie Mellon University, and “SEI CERT C++ Coding Standard – Rules for Developing safe, Reliable and Secure systems in C++ – 2016 Edition” © 2016 Carnegie Mellon University, with special permission from its Software Engineering Institute.

ANY MATERIAL OF CARNEGIE MELLON UNIVERSITY AND/OR ITS SOFTWARE ENGINEERING INSTITUTE CONTAINED HEREIN IS FURNISHED ON AN "AS-IS" BASIS. CARNEGIE MELLON UNIVERSITY MAKES NO WARRANTIES OF ANY KIND, EITHER EXPRESSED OR IMPLIED, AS TO ANY MATTER INCLUDING, BUT NOT LIMITED TO, WARRANTY OF FITNESS FOR PURPOSE OR MERCHANTABILITY, EXCLUSIVITY, OR RESULTS OBTAINED FROM USE OF THE MATERIAL. CARNEGIE MELLON UNIVERSITY DOES NOT MAKE ANY WARRANTY OF ANY KIND WITH RESPECT TO FREEDOM FROM PATENT, TRADEMARK, OR COPYRIGHT INFRINGEMENT.

This software and associated documentation has not been reviewed nor is it endorsed by Carnegie Mellon University or its Software Engineering Institute.