Page History

...

Calling remove() on an open file has different implications for different implementations and may cause abnormal termination if the removed file is written to or read from, or it may result in unintended information disclosure from files not deleted as intended.

Recommendation	Severity	Likelihood

Remediation Cost

Detectable	Repairable	Priority	Level
FIO08-C	Medium	Probable	No

High

No

P4

L3

Automated Detection

Tool

Version

Checker

Description

CodeSonar

Include Page

	CodeSonar_V
	CodeSonar_V

(customization)

Users can implement a custom check for calls to remove() on a file that is currently open.

Compass/ROSE

Helix QAC

Include Page

	Helix QAC_V
	Helix QAC_V

C5014

LDRA tool suite

Include Page

	LDRA_V
	LDRA_V

81 D

Fully implemented

PRQA QA-C

Polyspace Bug Finder

Include Page

PRQA

	Polyspace Bug Finder_V

PRQA

	Polyspace Bug Finder_V

Warncall -wc removePartially implemented

CERT C: Rec. FIO08-C

Checks for function remove() called on open file

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Related Guidelines

SEI CERT C++

Secure

Coding Standard

VOID FIO08-CPP. Take care when calling remove() on an open file

Bibliography

[IEEE Std 1003.1:2013] unlink()

...

Image Modified Image Modified Image Modified

Space shortcuts

Page tree

Versions Compared

Old Version 75

New Version Current

Key

Automated Detection

Related Vulnerabilities

Related Guidelines

Bibliography