FIO10-A. Take care when using the rename() function

The rename() function has the following prototype:

int rename(const char *old, const char *new);

If the file pointed to by new exists prior to a call to rename(), the behavior is implementation-defined. Therefore, care must be taken when using rename().

Non-Compliant Code Example

In the following non-compliant code, a file is renamed to another file using rename().

Error rendering macro 'code'

com.atlassian.renderer.v2.macro.basic.validator.MacroParameterValidationException: Color value is invalid

However, if newfile.ext already existed, the result is undefined.

Compliant Solution

This compliant solution first checks for the existence of the new file before the call to rename(). Note that this code contains an unavoidable race condition between the call to fopen() and the call to rename().

Error rendering macro 'code'

com.atlassian.renderer.v2.macro.basic.validator.MacroParameterValidationException: Color value is invalid

Risk Assessment

Using rename() without caution leads to undefined behavior, possibly resulting in a file being unexpectedly overwritten.

Rule	Severity	Likelihood	Remediation Cost	Priority	Level
FIO10-A	2 (medium)	3 (likely)	2 (medium)	P12	L2

References

[[ISO/IEC 9899-1999:TC2]] Section 7.9.4.2, "The rename function"

Space shortcuts

Page tree

Non-Compliant Code Example

Compliant Solution

Risk Assessment

References