SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 59

changes.mady.by.user David Svoboda

Saved on

compared with

New Version 60

changes.mady.by.user Robert Seacord

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: collapsed implementation defined behavior into examples, otherwise this is pretty weak; reviewed

...

Some platforms may forbid a file simultaneously being opened multiple times, but other platforms that may allow it may facilitate dangerous race conditions. This is because it is possible for an open file to be moved or deleted on many platforms. If a program re-opens a file using the same pathname, there is no guarantee that the same file is being accessed. Therefore, portable code cannot depend on what will happen if this rule is violated.

Noncompliant Code Example

...

Code Block
bgColor#ffcccc
langc
#include <stdio.h>
 
void do_stuff(void) {
  FILE *logfile = fopen("log", "a");
  if (logfile == NULL) {
    /* Handle error */
  }

  /* Write logs pertaining to do_stuff() */
  fprintf(logfile, "do_stuff\n");
}

int main(void) {
  FILE *logfile = fopen("log", "a");
  if (logfile == NULL) {
    /* Handle error */
  }

  /* Write logs pertaining to main() */
  fprintf(logfile, "main\n");

  do_stuff();
 
  fclose(logfile);
  return 0;
}

However, Because the file log is opened twice simultaneously . The result is this program has  implementation-defined and potentially dangerous.

Implementation Details

behavior.  On a Linux machine running GCC 4.3.2, for example, this program produces

Code Block
do_stuff
main

...

Code Block
bgColor#ccccff
langc
#include <stdio.h>
 
void do_stuff(FILE *logfile) {
  /* Write logs pertaining to do_stuff() */
  fprintf(logfile, "do_stuff\n");
}

int main(void) {
  FILE *logfile = fopen("log", "a");
  if (logfile == NULL) {
    /* Handle error */
  }

  /* Write logs pertaining to main() */
  fprintf(logfile, "main\n");

  do_stuff(logfile);
 
  fclose(logfile);
  return 0;
}

Implementation Details

On a Linux machine running GCC 4.3.2, this program producesThis program portably produces the following output:

Code Block
main
do_stuff

which matches the order in which logging occurred. This output assumes that the log file was not moved or deleted between the twop two calls to fopen().

Automated Detection

...

Simultaneously opening a file multiple times can result in abnormal program termination or data integrity violationsunexpected errors and nonportable behavior.

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

FIO31-C

Medium

Probable

High

P4

L3

...