Page History

...

TOCTOU race condition vulnerabilities can be exploited to gain elevated privileges.

Rule	Severity	Likelihood	Detectable	RepairableRemediation Cost	Priority	Level
POS35-C	High	Likelyhigh	likelyNo	mediumNo	P18 P9	L1 L2

Automated Detection

Tool

Version

Checker

Description

Astrée

Include Page

	Astrée_V
	Astrée_V

user_defined

Soundly supported

Axivion Bauhaus Suite

Include Page

	Axivion Bauhaus Suite_V
	Axivion Bauhaus Suite_V

CertC-POS35

Compass/ROSE

Can detect some violations of this rule. In particular, it ensures that calls to open() that are preceded by a call to lstat() are also followed by a call to fstat().

Coverity

Include Page

	Coverity_V
	Coverity_V

TOCTOU

Implemented

Helix QAC

Include Page

	Helix QAC_V
	Helix QAC_V

DF4886, DF4887, DF4888

Klocwork

Include Page

	Klocwork_V
	Klocwork_V

SV.TOCTOU.FILE_ACCESS
CERT.STR.ASSIGN.CONST_TO_NONCONST

Parasoft C/C++test

Include Page

	Parasoft_V
	Parasoft_V

CERT_C-POS35-b

Avoid race conditions while checking for the existence of a symbolic link

Polyspace Bug Finder

Include Page

	Polyspace Bug Finder_V
	Polyspace Bug Finder_V

CERT C: Rule POS35-C

Checks for file access between time of check and use (TOCTOU) (rule fully covered)

...

[Dowd 2006]	Chapter 9, "UNIX 1: Privileges and Files"
[ISO/IEC 9899:20112024]	Section 7.2123, "Input/output `<stdio.h>`"
[Open Group 2004]	lstat() fstat() open()
[Seacord 2013]	Chapter 8, "File I/O"

...

Space shortcuts

Page tree

Versions Compared

Old Version 95

New Version Current

Key

Automated Detection