Skip to main content
assistive.skiplink.to.breadcrumbs
assistive.skiplink.to.header.menu
assistive.skiplink.to.action.menu
assistive.skiplink.to.quick.search

09. Input Output (FIO)

Created by Jeffrey Gennari, last modified by Robert Seacord on Dec 23, 2006

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Recommendations

FIO01-A. Prefer functions that do not rely on file names for identification

FIO02-A. Canonicalize file names originating from untrusted sources

FIO03-A. Do not make assumptions about fopen() and file creation

FIO04-A. Detect and handle input output errors

FIO05-A. Identify files using multiple file attributes

FIO06-A. Create files with appropriate access permissions

Rules

FIO30-C. Exclude user input from format strings

FIO32-C. Do not assume file names generated with tmpnam() remain unique

FIO33-C. Detect and handle input output errors resulting in undefined behavior

FIO34-C. Use int to capture the return value of character IO functions

FIO35-C. Use feof() and ferror() to detect end-of-file and file errors

FI036-C. Don't assume a newline character is read

FI037-C. Don't assume character data has been read

FI038-C. Do not use a copy of a FILE object for IO

FI039-C. Do not create temporary files using tmpfile()

No labels