You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 13 Next »

The address of the FILE object used to control a stream may be significant; a copy of a FILE object need not serve in place of the original. Do not use a copy of a FILE object in any input/output operations.

Non-Compliant Code Example

This non-compliant code example can fail because a copy of stdout is being used in the call to fputs().

#include <stdio.h>

int main(void) {
    FILE my_stdout = *(stdout);
    fputs("Hello, World!\n", &my_stdout);

    return 0;
}

Platform Specific Details

This non-compliant example does fails with an "access violation" when compiled under Microsoft Visual Studio 2005 and run on an IA-32 platform.

Compliant Solution

In this compliant solution, a copy of the pointer to the FILE object is used in the call to fputs().

#include <stdio.h>

int main(void) {
    FILE *my_stdout = stdout;
    fputs("Hello, World!\n", my_stdout);
    return 0;
}

Risk Assessment

Using a copy of a FILE object in place of the original is likely to result in a crash which can be used in a denial-of-service attack.

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

FIO38-C

1 (low)

2 (probable)

2 (medium)

P4

L2

Examples of vulnerabilities resulting from the violation of this rule can be found on the CERT website.

References

[[ISO/IEC 9899-1999]] Section 7.19.3, "Files"

  • No labels