Skip to main content
assistive.skiplink.to.breadcrumbs
assistive.skiplink.to.header.menu
assistive.skiplink.to.action.menu
assistive.skiplink.to.quick.search

09. Input Output (FIO)

Created by Jeffrey Gennari, last modified by Robert Seacord on Oct 25, 2006

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Recommendations

FIO01-A. Access files through file descriptors rather than file names

FIO02-A. Canonicalize file names originating from untrusted sources

FIO03-A. Do not make assumptions about fopen() and file creation

FIO31-C. Detect and handle file operation errors

Rules

FIO30-C. Exclude user input from format strings

FIO32-C. Do not assume file names generated with tmpnam() remain unique

FIO33-C. Detect and handle critical file operation errors

INT35-C. Do not convert the value returned by a character IO function

FIO35-C. Do not compare characters with EOF

No labels