...
Non-Compliant Code Example
The following non-compliant code reads data from a file stream into a data structure.
| Code Block | ||
|---|---|---|
| ||
typedef struct myData { char c; float f; } myData; /* There is no way to verify what binary model was used * to write the data */... */ FILE *file; struct myData data; /* initialize file */ fread(&myDatadata, sizeof(myData), 1, fdfile); |
However, the code makes assumptions about the layout of myData, which may be represented differently on a different platform.
Compliant Solution
The best solution is to use either a text representation or a special library that will ensure the integrity of data.
| Code Block | ||
|---|---|---|
| ||
typedef struct myData { char c; float f; }; /* ... */ FILE *file; struct myData data; /* initialize file */ if (fscanf(fdfile, "%c %f\n", &myDatadata.c, &myDatadata.f) != 2) { /* Handlehandle error */ } |
Risk Assessment
...