Contenu principal

MISRA C++:2008 Rule 18-0-2

The library functions atof, atoi and atol from library <cstdlib> shall not be used

Description

Rule Definition

The library functions atof, atoi and atol from library <cstdlib> shall not be used.1

Rationale

Converting strings to a numeric value by using the functions atof, atoi and atol from the library <cstdlib> might result in error conditions. For instance, using the preceding functions might cause an error when the input string:

  • Does not contain a number

  • Contains a number, but is out of range

  • Contains additional data after a number

When using the preceding functions, failure to convert a string to a numeric value might result in undefined behavior. To avoid undefined behavior and undetected errors, check the error state of output when converting strings to a numeric value.

Polyspace Implementation

Polyspace® flags the C standard library string-to-number functions of atoi(), atol(), and atof().

Troubleshooting

If you expect a rule violation but Polyspace does not report it, see Diagnose Why Coding Standard Violations Do Not Appear as Expected.

Examples

expand all

#include <cstdlib> 
#include <iostream> 
#include <string> 

void foo() { 
	std::string str1 = "7"; 
	std::string str2 = "3.1415"; 
	std::string str3 = "three"; 

	int myint1 = std::stoi(str1); //Compliant 
	float myint2 = std::stof(str2); //Compliant 
	long myint3 = std::stol(str3); //Compliant 

	const char* str4 = "12"; 
	const char* str5 = "2.7182"; 
	const char* str6 = "undefinedError"; 

	int num4 = atoi(str4); //Noncompliant 
	float num5 = atof(str5); //Noncompliant 
	long num6 = atol(str6); //Noncompliant  
	//...
} 

In this example, Polyspace flags the use of C standard library functions for converting strings to numeric value. For instance:

  • The string-to-number functions from the C standard library, such as atoi(), atof(), and atol() are noncompliant flagged because an invalid conversion results in undefined behavior.

  • The string-to-number functions from the C++ standard library std::stoi(), std::stof(), and std::stol() are not flagged because an invalid conversion produces a std::invalid_argument exception, which is defined behavior.

Check Information

Group: Language Support Library
Category: Required

Version History

Introduced in R2013b


1 All MISRA coding rules and directives are © Copyright The MISRA Consortium Limited 2021.

The MISRA coding standards referenced in the Polyspace Bug Finder™ documentation are from the following MISRA standards:

  • MISRA C:2004

  • MISRA C:2012

  • MISRA C:2023

  • MISRA C++:2008

  • MISRA C++:2023

MISRA and MISRA C are registered trademarks of The MISRA Consortium Limited 2021.