...
In this compliant solution, getc() is no longer called with an expression as its argument, and the value returned by fopen() is checked for errors.
...
This example shows only the side-effect issue. The output differs depending on the character set. Consequently, it is important to not make no assumptions about the order of the letters. For example, when run on a machine using an ASCII-derived code set such as ISO-8859 or Unicode, this code sample will print out the 26 lowercase letters of the English alphabet. However, if run with an EBCDIC-based code set, such as Codepage 037 or Codepage 285, punctuation marks or symbols may be output between the letters.
...
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Related Guidelines
...
...
ISO/IEC 9899:2011 Section 7.21.7.5, "The getc function," and Section 7.21.7.7, "The putc function"
...
...