...

#include <stdio.h>

/* sets some internal state in the library */
extern int setfile(FILE *file);

/* performs some action using the file passed earlier */
extern int usefile(void);

static FILE *myFile;

int setfile(FILE *file) {
  /* accept only a non-null stream with no error or end-of-file condition */
  if (file && !ferror(file) && !feof(file)) {
    myFile = file;
    return 0;
  }

  /* reject the argument and clear any previously stored stream */
  myFile = NULL;
  return -1;
}

int usefile(void) {
  if (!myFile) return -1;

  /* perform other checks if needed, return error condition */

  /* perform some action here */
  return 0;
}
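
The following is an added example, not part of the original page: it carries the checks from `setfile()` through to the point of use, re-validating both the stored stream and the caller's buffer arguments on every call. The names `lib_setfile`, `lib_readline`, `stream_usable` and `demo_stream`, and the line-reading action itself, are assumptions made for illustration; the sample input is constructed.

```c
#include <limits.h>
#include <stdio.h>
#include <string.h>

static FILE *lib_file;  /* library-internal state, like myFile on the page */

/* The same stream checks the page's setfile() applies, factored out for reuse. */
static int stream_usable(FILE *f) {
  return f && !ferror(f) && !feof(f);
}

int lib_setfile(FILE *file) {
  lib_file = stream_usable(file) ? file : NULL;
  return lib_file ? 0 : -1;
}

/* Hypothetical action: copy the next line, without its '\n', into buf. */
int lib_readline(char *buf, size_t size) {
  if (!buf || size < 2 || size > INT_MAX) return -1;  /* caller's arguments */
  if (!stream_usable(lib_file)) return -1;  /* state may have changed since set */
  if (!fgets(buf, (int)size, lib_file)) return -1;
  buf[strcspn(buf, "\n")] = '\0';
  return 0;
}

/* Constructed sample input: a temporary stream holding the given text. */
FILE *demo_stream(const char *text) {
  FILE *f = tmpfile();
  if (f) { fputs(text, f); rewind(f); }
  return f;
}

int main(void) {
  char line[32] = "";
  FILE *f = demo_stream("alpha\n");
  printf("read before set: %d\n", lib_readline(line, sizeof line));
  printf("set NULL: %d\n", lib_setfile(NULL));
  printf("set valid: %d\n", lib_setfile(f));
  printf("NULL buffer: %d\n", lib_readline(NULL, sizeof line));
  printf("first read: %d (%s)\n", lib_readline(line, sizeof line), line);
  printf("read at EOF: %d\n", lib_readline(line, sizeof line));
  printf("read after EOF: %d\n", lib_readline(line, sizeof line));
  lib_setfile(NULL);  /* a closed stream cannot be detected; clear it first */
  if (f) fclose(f);
  return 0;
}
```

The second read fails inside `fgets()`, which sets the end-of-file indicator; the third is rejected by the re-validation before the stream is touched at all.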

Risk Assessment

Failing to validate the parameters in library functions may result in an access violation or a data integrity violation. Such a scenario indicates a flaw in how the calling code uses the library. However, the library itself may still be the vector by which the calling code's vulnerability is exploited.

...