Invoking getc() and putc() with arguments that have side effects may cause unexpected results, because these functions may be implemented as macros and arguments to these macros may be evaluated more than once.
Non-Compliant Code Example: getc()
This code calls the getc() function with an expression as an argument. If getc() is implemented as a macro, the file may be opened several times (see FIO31-C. Do not simultaneously open the same file multiple times).
```c
char const *filename = "test.txt";
FILE *fptr;
/* Non-compliant: if getc() is a macro, fopen() may be evaluated more than once */
int c = getc(fptr = fopen(filename, "r"));
```
Compliant Solution: getc()
In this compliant solution, getc() is no longer called with an expression as its argument.
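```c
char const *filename = "test.txt";
FILE *fptr = fopen(filename, "r");
if (fptr == NULL) {
  /* Handle error */
}
/* The argument is a plain variable, so repeated evaluation is harmless */
int c = getc(fptr);
```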
Non-Compliant Code Example: putc()
In this non-compliant example, putc() is called with c++ as an argument. If putc() is implemented as a macro, c++ could be evaluated several times within the macro expansion of putc(), with unintended results.
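```c
char const *filename = "test.txt";
FILE *fptr = fopen(filename, "w");
if (fptr == NULL) {
  /* Handle error */
}
int c = 97;
while (c < 123) {
  /* Non-compliant: the argument c++ has a side effect */
  putc(c++, fptr);
}
```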
Compliant Solution: putc()
In the compliant solution, c++ is no longer an argument to putc().
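```c
char const *filename = "test.txt";
FILE *fptr = fopen(filename, "w");
if (fptr == NULL) {
  /* Handle error */
}
int c = 97;
while (c < 123) {
  putc(c, fptr);
  c++; /* the increment is a separate statement, evaluated exactly once */
}
```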
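The following is an added example, not code from the original page, showing what double evaluation of a stream argument does in practice. TOY_GETC and struct toy_stream are hypothetical stand-ins, written in the style of traditional macro implementations of getc(); the example goes beyond the fopen() case by using an array index with a side effect as the argument.

```c
#include <stdio.h>

/* Hypothetical toy stream; the layout mimics classic buffered stdio. */
struct toy_stream {
  const unsigned char *ptr; /* next unread byte */
  int cnt;                  /* unread bytes remaining */
};

/* Hypothetical macro in the style of traditional getc() macros:
 * the stream argument s appears, and is evaluated, twice. */
#define TOY_GETC(s) (--(s)->cnt >= 0 ? (int)*(s)->ptr++ : EOF)

/* Constructed sample data: stream 0 holds "AB", stream 1 holds "xy". */
static void init(struct toy_stream st[2]) {
  st[0].ptr = (const unsigned char *)"AB"; st[0].cnt = 2;
  st[1].ptr = (const unsigned char *)"xy"; st[1].cnt = 2;
}

/* Non-compliant: the argument contains i++. The count of st[0] is
 * decremented, but the byte is then read from st[1]. */
int read_noncompliant(int *index_out) {
  struct toy_stream st[2];
  int i = 0;
  init(st);
  int c = TOY_GETC(&st[i++]);
  *index_out = i;
  return c;
}

/* Compliant: the side effect happens once, before the macro is used. */
int read_compliant(int *index_out) {
  struct toy_stream st[2];
  int i = 0;
  init(st);
  struct toy_stream *s = &st[i++];
  int c = TOY_GETC(s);
  *index_out = i;
  return c;
}

int main(void) {
  int i;
  int c = read_noncompliant(&i);
  printf("non-compliant: read '%c', index advanced to %d\n", c, i);
  c = read_compliant(&i);
  printf("compliant:     read '%c', index advanced to %d\n", c, i);
  return 0;
}
```

In the non-compliant call the index advances by two and the byte comes from the wrong stream, while the first stream's remaining-byte count no longer matches its read position.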
Risk Assessment
Using an expression that has side effects as the argument to getc() or putc() can result in unexpected behavior.
| Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
| FIO41-C | 2 (medium) | 1 (unlikely) | 2 (medium) | P4 | L3 |
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
References
[[ISO/IEC 9899-1999:TC2]] Section 7.19.7.5, "The getc function"; Section 7.19.7.8, "The putc function"