Input and output are mapped into logical data streams whose properties are more uniform than their various inputs and outputs. Two forms of mapping are supported, one for text streams and one for binary streams [C99]. They differ in the actual representation of data as well as in the functionality of some C functions.
Text Streams
Representation
Characters may have to be altered to conform to differing conventions for representing text in the host environment. As a consequence, data read from or written to a text stream will not necessarily compare equal to the stream's byte content.
The following code opens the file myfile as a text stream:

```c
char *file_name;
/* Initialize file_name */

FILE *file = fopen(file_name, "w");
/* Check for errors */
fputs("\n", file);
```
Environments may model line breaks differently. For example, on Windows, this code writes 2 bytes (a carriage return and then a newline) to the file, whereas on POSIX systems, this code writes only 1 byte (a newline).
fseek()
For a text stream, the offset for fseek() must be either 0 or a value returned by an earlier successful call to the ftell() function (on a stream associated with the same file) with a mode of SEEK_SET.
ungetc()
The ungetc() function causes the file position indicator to be unspecified until all pushed-back characters are read. As a result, care must be taken that file-position-related functions are not used while this is true.
Binary Streams
Representation
A binary stream is an ordered sequence of characters that can transparently record internal data. As a consequence, data read from or written to a binary stream will necessarily compare equal to the stream's byte content.
The following code opens the file myfile as a binary stream:

```c
char *file_name;
/* Initialize file_name */

FILE *file = fopen(file_name, "wb");
/* Check for errors */
fputs("\n", file);
```
Regardless of environment, this code writes exactly 1 byte (a newline).
fseek()
According to the C Standard, a binary stream may be terminated with an unspecified number of null characters and need not meaningfully support fseek() calls with a mode of SEEK_END. Consequently, do not call fseek() on a binary stream with a mode of SEEK_END.
ungetc()
The ungetc() function causes the file position indicator to be decremented by 1 for each successful call, with the value being indeterminate if it is 0 before any call. As a result, ungetc() must never be called on a binary stream where the file position indicator is 0.
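The following added example (not part of the original guideline) measures how many bytes a text stream and a binary stream actually store for "\n", and re-reads a line of a text stream using only an ftell() value with SEEK_SET. The function names, the sample content and the file name fio14_demo.tmp are assumptions made for the illustration.

```c
#include <stdio.h>
#include <string.h>

/* Write "\n" to path with the given fopen() mode, then reopen the file as a
 * binary stream and count the bytes stored. Counting by reading avoids
 * fseek(..., SEEK_END) on a binary stream. Returns -1 on error. */
long stored_newline_bytes(const char *path, const char *mode) {
  FILE *out = fopen(path, mode);
  if (out == NULL) return -1;
  int bad = (fputs("\n", out) == EOF);
  if (fclose(out) == EOF || bad) return -1;
  FILE *in = fopen(path, "rb");
  if (in == NULL) return -1;
  long count = 0;
  while (fgetc(in) != EOF) count++;
  bad = ferror(in);
  fclose(in);
  return bad ? -1 : count;
}

/* Text stream: skip the first line, remember the position with ftell(),
 * read the second line, return with fseek(pos, SEEK_SET) and read it
 * again. Returns 1 if both reads match, 0 if not, -1 on error. */
int reread_matches(const char *path) {
  char first[64], a[64], b[64];
  FILE *f = fopen(path, "w");
  if (f == NULL) return -1;
  fputs("alpha\nbeta\n", f);            /* constructed sample content */
  if (fclose(f) == EOF) return -1;
  f = fopen(path, "r");
  if (f == NULL) return -1;
  int result = -1;
  if (fgets(first, sizeof first, f) != NULL) {
    long pos = ftell(f);                /* opaque value on a text stream */
    if (pos != -1L && fgets(a, sizeof a, f) != NULL &&
        fseek(f, pos, SEEK_SET) == 0 && fgets(b, sizeof b, f) != NULL) {
      result = (strcmp(a, b) == 0 && strcmp(a, "beta\n") == 0);
    }
  }
  fclose(f);
  return result;
}

int main(void) {
  printf("\"w\": %ld byte(s)\n", stored_newline_bytes("fio14_demo.tmp", "w"));
  printf("\"wb\": %ld byte(s)\n", stored_newline_bytes("fio14_demo.tmp", "wb"));
  printf("reread matches: %d\n", reread_matches("fio14_demo.tmp"));
  remove("fio14_demo.tmp");
  return 0;
}
```

The "w" count depends on the environment (1 on POSIX systems, 2 on Windows), while the "wb" count is 1 everywhere.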
Risk Assessment
Failure to understand file stream mappings can result in unexpectedly formatted files.
Recommendation | Severity | Likelihood | Remediation Cost | Priority | Level |
---|---|---|---|---|---|
FIO14-C | Low | Probable | High | P2 | L3 |
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
References
[ISO/IEC 9899-1999] Section 7.19.2, "Streams"
Related Guidelines
SEI CERT C++ Coding Standard | VOID FIO14-CPP. Understand the difference between text mode and binary mode with file streams |