Page History

According to the C Standard, Section 7.2123.3, paragraph 6 [ISO/IEC 9899:20112024],

The address of the FILE object used to control a stream may be significant; a copy of a FILE object need is not required to serve in place of the original.

...

This noncompliant code example can fail because a by-value copy of stdout is being used in the call to fputs().:

#include <stdio.h>
 
int main(void) {
  FILE my_stdout = *(stdout);  /* violation */
  if (fputs("Hello, World!\n", &my_stdout) == EOF) {
    /* Handle error */
  }
  return 0;
}

For example, this noncompliant example raises When compiled under Microsoft Visual Studio 2013 and run on Windows, this noncompliant example results in an "access violation" exception at run-time when compiled under Microsoft Visual Studio Express 2012 and run under Windowsat runtime.

Compliant Solution

In this compliant solution, a copy of the stdout pointer to the FILE object is used in the call to fputs().:

#include <stdio.h>
 
int main(void) {
  FILE *my_stdout = stdout;
  if (fputs("Hello, World!\n", my_stdout) == EOF) {
    /* Handle error */
  }
  return 0;
}

...

Using a copy of a FILE object in place of the original may result in a crash, which can be used in a denial-of-service attack.

Automated Detection

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Related Guidelines

...

Key here (explains table format and definitions)

Taxonomy	Taxonomy item	Relationship
ISO/IEC TS 17961:2013	Copying a FILE object [filecpy]	Prior to 2018-01-12: CERT: Unspecified Relationship

Bibliography

CERT C++ Secure Coding Standard: FIO38-CPP. Do not use a copy of a FILE object for input and output

...

...

...

ISO/IEC TS 17961 (Draft) Copying a FILE object [filecpy]

...

...

Image Modified Image Modified Image Modified