SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 82

changes.mady.by.user Will Snavely

Saved on

compared with

New Version 83

changes.mady.by.user Jill Britton

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Calling remove() on an open file has different implications for different implementations and may cause abnormal termination if the removed file is written to or read from, or it may result in unintended information disclosure from files not deleted as intended.

Recommendation

Severity

Likelihood

Remediation Cost

Priority

Level

FIO08-C

Medium

Probable

High

P4

L3

Automated Detection

Tool

Version

Checker

Description

CodeSonar
Include Page
CodeSonar_V
CodeSonar_V
(customization)Users can implement a custom check for calls to remove() on a file that is currently open.
Compass/ROSE

 

 

 




LDRA tool suite
Include Page
LDRA_V
LDRA_V

81 D

Fully implemented

PRQA QA-C
Include Page
PRQA QA-C_v
PRQA QA-C_v
5014Partially implemented
Helix QAC

Include Page
Helix QAC_V
Helix QAC_V



Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Related Guidelines

SEI CERT C++ Coding StandardVOID FIO08-CPP. Take care when calling remove() on an open file

Bibliography

[IEEE Std 1003.1:2013]unlink()

...


...