SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 35

changes.mady.by.user Justin Pincar

Saved on

compared with

New Version 36

changes.mady.by.user Alex Volkovitsky

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Wiki Markup
Some systems provide the O_NOFOLLOW flag to help mitigate this problem.  The flag will be required by the forthcoming POSIX.1-2008 standard, and so will become more portable over time
.  If the flag is set and the supplied pathname is a symbolic link, then the open will 
 \[[Austin Group 08|AA. C References#Austin Group 08]\]. If the flag is set and the supplied {{pathname}} is a symbolic link, then the open will fail.

Code Block
bgColor#ccccff
int fd;
if ((fd = open(file_name, O_RDWR | O_NOFOLLOW)) == -1) {
  /* handle error */
}
write(fd, userbuf, userlen);

...

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Wiki Markup
\[[Austin Group 08|AA. C References#Austin Group 08]\]
\[[Open Group 04|AA. C References#Open Group 04]\] [{{open()}}|http://www.opengroup.org/onlinepubs/009695399/functions/open.html]
\[[Seacord 05|AA. C References#Seacord 05]\] Chapter 7, "File I/O"

...