SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 7

changes.mady.by.user Jeffrey Gennari

Saved on

compared with

New Version 8

changes.mady.by.user Jeffrey Gennari

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Simultaneously

...

opening

...

a

...

file

...

multiple

...

times

...

has

...

implementation-defined

...

behavior.

...

On

...

some

...

platforms,

...

this

...

is

...

not

...

allowed.

...

On

...

others,

...

it

...

might

...

result

...

in

...

race

...

conditions.

...

Non-Compliant

...

Coding

...

Example

...

The

...

following

...

non-compliant

...

code

...

example

...

logs

...

the

...

program's

...

state

...

at

...

runtime.

{:=
Code Block
bgColor
#ffcccc
void do_stuff(void) {
   FILE \*logfile = fopen("log", "a");

  / \* Check for errors, write logs pertaining to do_stuff(), etc. */
}

int main(void)
{  { 
   FILE *logfile = fopen("log", "a");

    /* Check for errors, write logs pertaining to main(), etc. */   

   do_stuff();    

   /* ... */ 
} 
{null}

However,

...

the

...

file

...

log

...

is

...

opened

...

twice

...

simultaneously.

...

The

...

result

...

is

...

implementation-defined

...

and

...

potentially

...

dangerous.

...

Compliant

...

Solution

...

In

...

this

...

compliant

...

solution,

...

a

...

reference

...

to

...

the

...

file

...

pointer

...

is

...

passed

...

around

...

so

...

that

...

the

...

file

...

does

...

not

...

have

...

to

...

be

...

opened

...

twice

...

separately.

{:=
Code Block
bgColor
#ccccff
}
void do_stuff(FILE **file) {
  FILE *logfile = *file;

  /* Check for errors, write logs pertaining to do_stuff, etc. */
}

int main(void) {
  FILE *logfile = fopen("log", "a");

  /* Check for errors, write logs pertaining to main, etc. */

  do_stuff(&logfile);

  /* ... */
}
{code}

h2. Risk Assessment

Simultaneously opening a file multiple times could result in abnormal program termination or a data integrity violation.
|| Rule || Severity || Likelihood || Remediation Cost || Priority || Level ||
| FIO31-A | *2* (medium) | *2* (probable) | *2* (medium) | {color:#cc9900}{*}P8{*}{color} | {color:#cc9900}{*}L2{*}{color} |

h2. References

Risk Assessment

Simultaneously opening a file multiple times could result in abnormal program termination or a data integrity violation.

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

FIO31-A

2 (medium)

2 (probable)

2 (medium)

P8

L2

References

Wiki Markup
\[[ISO/IEC 9899-1999:TC2|AA. C References#ISO/IEC 9899-1999TC2]\] Section 7.19.3, "Files"