Page History

...

If not properly performed, checking for the existence of symbolic links can lead to race conditions.

This rule is a specific instance of rule FIO45-C. Avoid TOCTOU race conditions while accessing files.

Noncompliant Code Example

...

TOCTOU race condition vulnerabilities can be exploited to gain elevated privileges.

Rule	Severity	Likelihood	Detectable	Remediation CostRepairable	Priority	Level
POS35-C	High	Likelyhigh	likelyNo	mediumNo	P18 P9	L1 L2

Automated Detection

CERT_C-POS35-a Usage of functions prone to race is not allowed

Tool

Version

Checker

Description

Astrée

Include Page

	Astrée_V
	Astrée_V

user_defined

Soundly supported

Axivion Bauhaus Suite

Include Page

	Axivion Bauhaus Suite_V
	Axivion Bauhaus Suite_V

CertC-POS35

Compass/ROSE

Can detect some violations of this rule. In particular, it ensures that calls to open() that are preceded by a call to lstat() are also followed by a call to fstat().

Coverity

Include Page

	Coverity_V
	Coverity_V

TOCTOU

Implemented

Helix QAC

Include Page

	Helix QAC_V
	Helix QAC_V

DF4886, DF4887, DF4888

Klocwork

Include Page

	Klocwork_V
	Klocwork_V

SV.TOCTOU.FILE_ACCESS
CERT.STR.ASSIGN.CONST_TO_NONCONST

Parasoft C/C++test

Include Page

	Parasoft_V
	Parasoft_V

CERT_C-POS35-b

Avoid race conditions while checking for the existence of a symbolic link

Polyspace Bug Finder

Include Page

	Polyspace Bug Finder_V
	Polyspace Bug Finder_V

CERT C: Rule POS35-C

Checks for file access between time of check and use (TOCTOU) (rule fully covered)

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

...

[Dowd 2006]	Chapter 9, "UNIX 1: Privileges and Files"
[ISO/IEC 9899:20112024]	Section 7.2123, "Input/output `<stdio.h>`"
[Open Group 2004]	lstat() fstat() open()
[Seacord 2013]	Chapter 8, "File I/O"

...

Space shortcuts

Page tree

Versions Compared

Old Version 86

New Version 98

Key

Noncompliant Code Example

Automated Detection

Related Vulnerabilities