SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 27

changes.mady.by.user Ed Desautels

Saved on

compared with

New Version 28

changes.mady.by.user Alex Volkovitsky

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: changed filenames from strings to some variable called file_name

...

Code Block
bgColor#FFcccc
FILE *file;

/* ... */

file = fopen("myfile"file_name, "w+");
if (fopen == NULL) {
  /* Handle error condition */
}

/* ... */

remove("myfile"file_name);

/* ... */

Some implementations will not remove "myfile" because the stream is still open.

...

Code Block
bgColor#ccccff
#include <unistd.h>

FILE *file;

/* ... */

file = fopen("myfile"file_name, "w+");
if (fopen == NULL) {
  /* Handle error condition */
}
unlink("myfile"file_name);
fclose("myfile"file);

Risk Assessment

Calling remove() on an open file has different implications for different implementations and may cause abnormal termination if the removed file is written to or read from, or may result in unintended information disclosure from files not deleted as intended.

...