SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 86

changes.mady.by.user Unknown User (lflynn)

Saved on

compared with

New Version 87

changes.mady.by.user Anirban Gangopadhyay

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Added Polyspace Bug Finder

...

Misuse of the fsetpos() function can position a file position indicator to an unintended location in the file.

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

FIO44-C

Medium

Unlikely

Medium

P4

L3

Automated Detection

Tool

Version

Checker

Description

CodeSonar
Include Page
CodeSonar_V
CodeSonar_V
(customization)Users can add a custom check for violations of this constraint.
Compass/ROSE

 

 



Can detect common violations of this rule. However, it cannot handle cases in which the value returned by fgetpos() is copied between several variables before being passed to fsetpos()

LDRA tool suite
Include Page
LDRA_V
LDRA_V

82 D

Fully implemented

Polyspace Bug FinderR2017bInvalid file positionfsetpos() is invoked with a file position argument not obtained from fgetpos()

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

...

Key here (explains table format and definitions)

Taxonomy

Taxonomy item

Relationship

ISO/IEC TS 17961:2013Using a value for fsetpos other than a value returned from fgetpos [xfilepos]Prior to 2018-01-12: CERT: Unspecified Relationship

Bibliography

[ISO/IEC 9899:2011]7.21.9.3, "The fsetpos Function"

...


...