The fread() function, as defined in the C Standard, subclause 184.108.40.206 [ISO/IEC 9899:2011], does not explicitly null-terminate the read character sequence.
size_t fread(void * restrict ptr, size_t size, size_t nmemb, FILE * restrict stream)
The fread() function reads, into the array pointed to by ptr, up to nmemb elements whose size is specified by size, from the stream pointed to by stream.
Even if the file contains a properly null-terminated character sequence, if nmemb is less than the total length of the characters, the fread() function will not read after nmemb characters. fread() will not append a null character to the end of the string being read to.
Noncompliant Code Example
Suppose we have a null-terminated character sequence in a file, and we need to extract a null-terminated byte string:
If size is less than the total length of the file, buffer is not properly null-terminated.
To correct this example, the size of buffer must be compared with the total length of the file to identify the erroneous case where size differs from length. At this point, it is up to the programmer to handle this case.
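One way to apply the correction described above, as an added example that is not code from the original page: the buffer is terminated at the count fread() returns, and the case where the file is longer than the buffer is reported to the caller. The names read_terminated and demo, the return codes, and the sample text are assumptions constructed for this illustration.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical helper (an assumption, not code from the page): reads at most
 * bufsize - 1 bytes and always null-terminates buf. Returns 0 if the rest of
 * the stream fit, 1 if the data was truncated, -1 on error. */
int read_terminated(FILE *fp, char *buf, size_t bufsize, size_t *nread)
{
    if (fp == NULL || buf == NULL || nread == NULL || bufsize == 0)
        return -1;
    *nread = fread(buf, 1, bufsize - 1, fp);  /* element size 1: byte count */
    buf[*nread] = '\0';            /* fread() never appends this itself */
    if (ferror(fp))
        return -1;
    if (*nread == bufsize - 1) {   /* buffer full: is there more data? */
        int c = fgetc(fp);
        if (c != EOF) {
            ungetc(c, fp);
            return 1;              /* stream is longer than the buffer */
        }
    }
    return 0;
}

/* Constructed sample input: stores text and its terminator in a temporary
 * file, rewinds, and reads it back through read_terminated(). */
int demo(const char *text, char *buf, size_t bufsize, size_t *nread)
{
    FILE *fp = tmpfile();
    size_t len = strlen(text) + 1;
    int rc = -1;
    if (fp == NULL)
        return -1;
    if (fwrite(text, 1, len, fp) == len) {
        rewind(fp);
        rc = read_terminated(fp, buf, bufsize, nread);
    }
    fclose(fp);
    return rc;
}

int main(void)
{
    char big[16] = "", small[4] = "";
    size_t n;
    printf("rc=%d \"%s\"\n", demo("hello", big, sizeof big, &n), big);
    printf("rc=%d \"%s\"\n", demo("hello", small, sizeof small, &n), small);
    return 0;
}
```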
When reading an input stream, the read character sequence is not explicitly null-terminated by the fread() function. Operations on the read-to buffer could result in overruns, causing abnormal program termination.
|LDRA tool suite||44 S||Enhanced enforcement|
|Polyspace Bug Finder||Tainted NULL or non-null-terminated string||Argument is from an unsecure source and may be NULL or not NULL-terminated|
|SEI CERT C++ Coding Standard||VOID FIO20-CPP. Do not rely on an ending null character when using read()|
|[ISO/IEC 9899:2011]||Subclause 220.127.116.11, "The |