Rule 07. Input Output (FIO)

• Page:
  FIO50-CPP. Do not alternately input and output from a file stream without an intervening positioning call
• Page:
  FIO51-CPP. Close files when they are no longer needed

• Page:
  FIO30-C. Exclude user input from format strings
• Page:
  FIO32-C. Do not perform operations on devices that are only appropriate for files
• Page:
  FIO34-C. Distinguish between characters read from a file and EOF or WEOF
• Page:
  FIO37-C. Do not assume that fgets() or fgetws() returns a nonempty string when successful
• Page:
  FIO38-C. Do not copy a FILE object
• Page:
  FIO39-C. Do not alternately input and output from a stream without an intervening flush or positioning call
• Page:
  FIO40-C. Reset strings on fgets() or fgetws() failure
• Page:
  FIO41-C. Do not call getc(), putc(), getwc(), or putwc() with a stream argument that has side effects
• Page:
  FIO42-C. Close files when they are no longer needed
• Page:
  FIO44-C. Only use values for fsetpos() that are returned from fgetpos()
• Page:
  FIO45-C. Avoid TOCTOU race conditions while accessing files
• Page:
  FIO46-C. Do not access a closed file
• Page:
  FIO47-C. Use valid format strings

Risk Assessment Summary