This appendix contains guidelines for functions that are defined as part of the POSIX family of standards but are not included in ISO/IEC 9899-1999. These rules and recommendations are not part of the core standard because they do not apply in all C language applications and because they represent an incomplete set. The intent of providing these guidelines is to demonstrate how rules and recommendations for other standards or specific implementations may be integrated with the core C99 recommendations.
Recommendations
POS00-C. Avoid race conditions with multiple threads
POS01-C. Check for the existence of links when dealing with files
POS02-C. Follow the principle of least privilege
POS03-C. Do not use volatile as a synchronization primitive
POS04-C. Avoid using PTHREAD_MUTEX_NORMAL type mutex locks
Rules
POS30-C. Use the readlink() function properly
POS31-C. Do not unlock or destroy another thread's mutex
POS34-C. Do not call putenv() with a pointer to an automatic variable as the argument
POS35-C. Avoid race conditions while checking for the existence of a symbolic link
POS36-C. Observe correct revocation order while relinquishing privileges
POS37-C. Ensure that privilege relinquishment is successful
POS38-C. Beware of race conditions when using fork and file descriptors
POS39-C. Use the correct byte ordering when transferring data between systems
...
| Content by Label | ||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
| Info |
|---|
Information for Editors |
Rules
| Content by Label | ||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
| Info |
|---|
Information for Editors |
Risk Assessment
Recommendation | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
POS00-C | medium | probable | high | P4 | L3 |
POS01-C | medium | likely | high | P6 | L2 |
POS02-C | high | likely | high | P9 | L2 |
POS03-C | medium | probable | medium | P12 | L1 |
...