...
For FIO39-C. Do not read in from a stream directly following output to that stream Can we rewrite the NCCE and compliant solution as a function or use another mechanism so we don't need to specify the name of the device. Unfortunately device names such as "/dev/device2" appear to be OS specific. Perhaps check this section for other instances of this problem as well.
- done - alexv 4/22
...
The Risk Assessment Summary tables for each section need to be updated (they are out of date with the actual rules). - I got as far as EXP07, which still has the risk assessment for EXP10
i went through on 4/15 and checked to make sure the section tables matched the rules... are we confident that the risk summaries in the rules are correct? Only one missing and it is FLP02 -alexv 4/17
- FLP02 is missing a risk assessment
- FIO09 is missing a risk assessment
...
The forward backward navigation links between sections need to be checked and fixed.
...
So take examples like:
| Code Block |
|---|
char buff[50];
|
and change them to:
| Code Block |
|---|
enum {buff_max = 50};
char buff[buff_max];
|
...