Page History

According to the C Standard, 7.21.3, paragraph 6 [ISO/IEC 9899:2011],

The address of the FILE object used to control a stream may be significant; a copy of a FILE object need not serve in place of the original.

Consequently, do not copy Do not use a copy of a FILE object in any input/output operations.

...

Noncompliant Code Example

This non-compliant noncompliant code example can fail because a by-value copy of stdout is being used in the call to fputs().:

#include <stdio.h>
 
int main(void) {
    FILE my_stdout = *(stdout);
  if  (fputs("Hello, World!\n", &my_stdout);
) == EOF) {
    /* Handle error */
  }
  return 0;
}

Platform Specific Details

This non-compliant example does fails with an "access violation" when When compiled under Microsoft Visual Studio 2005 2013 and run on an IA-32 platformWindows, this noncompliant example results in an "access violation" at runtime.

Compliant Solution

In this compliant solution, a copy of the stdout pointer to the FILE object is used in the call to fputs().:

#include <stdio.h>
 
int main(void) {
    FILE *my_stdout = stdout;
  if  (fputs("Hello, World!\n", my_stdout);) == EOF) {
    /* Handle error */
  }
  return 0;
}

Risk Assessment

Using a copy of a FILE object in place of the original is likely to may result in a crash, which can be used in a denial-of-service attack.

Automated Detection

Related Vulnerabilities

Search for Examples of vulnerabilities resulting from the violation of this rule can be found on the CERTwebsite.

References

CERT website.

Related Guidelines

Key here (explains table format and definitions)

Bibliography

...

Image Added Image Added Image Added Wiki Markup\[[ISO/IEC 9899-1999|AA. C References#ISO/IEC 9899-1999]] Section 7.19.3 Files