According to C99 [ISO/IEC 9899-1999], if the `fgets()` function fails, the contents of the array it was writing to are undefined. As a result, it is necessary to reset the string to a known value to avoid errors in subsequent string-manipulation functions.

In this noncompliant code example, an error flag is set when `fgets()` fails, but `buf` is not reset and therefore has unknown contents when it is passed to `printf()`.
```c
#include <stdio.h>

enum { BUFFERSIZE = 1024 };
char buf[BUFFERSIZE];
FILE *file;
/* Initialize file */
if (fgets(buf, sizeof(buf), file) == NULL) {
  /* set error flag and continue */
}
/* buf may hold indeterminate contents if fgets() failed */
printf("Read in: %s\n", buf);
```
In this compliant solution, `buf` is set to an error message after `fgets()` fails, so every later use of the buffer sees a valid, null-terminated string.
```c
#include <stdio.h>
#include <string.h>

enum { BUFFERSIZE = 1024 };
char buf[BUFFERSIZE];
FILE *file;
/* Initialize file */
if (fgets(buf, sizeof(buf), file) == NULL) {
  /* set error flag and continue */
  /* reset buf to a known string before any further use */
  strcpy(buf, "fgets failed");
}
printf("Read in: %s\n", buf);
```
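The same rule carried into a reusable helper, as an added example that is not part of the CERT page: `read_line()` wraps `fgets()`, distinguishes end-of-file from a read error with `ferror()`, and resets the buffer to an empty string on either failure so callers never see its indeterminate contents. `demo_lines_read()` drives it over a constructed temporary file; both function names are assumptions.

```c
#include <stdio.h>
#include <string.h>

enum { BUFFERSIZE = 1024 };

/* Read one line into buf (size bytes). Returns 1 if a line was read,
 * 0 at end-of-file, -1 on a read error. On 0 or -1 the buffer is reset
 * to "" because C99 leaves its contents indeterminate after a failed
 * fgets() call. Added example, not code from the CERT page. */
int read_line(FILE *file, char *buf, size_t size) {
    if (size == 0) {
        return -1;
    }
    if (fgets(buf, (int)size, file) != NULL) {
        return 1;
    }
    /* fgets() failed: reset the array to a known value first */
    buf[0] = '\0';
    return ferror(file) ? -1 : 0;
}

/* Constructed demonstration: a temporary file holding two lines is read
 * until fgets() fails at end-of-file. Returns the number of lines read
 * only if the final, failing call left the buffer as ""; otherwise -1. */
int demo_lines_read(void) {
    char buf[BUFFERSIZE];
    FILE *file = tmpfile();
    int lines = 0;
    int rc;
    if (file == NULL) {
        return -1;
    }
    fputs("first line\nsecond line\n", file);   /* constructed input */
    rewind(file);
    while ((rc = read_line(file, buf, sizeof(buf))) == 1) {
        lines++;
    }
    fclose(file);
    /* rc is 0 (EOF) here; buf must have been reset, not left stale */
    if (rc != 0 || buf[0] != '\0') {
        return -1;
    }
    return lines;
}

int main(void) {
    printf("lines read before fgets() failed: %d\n", demo_lines_read());
    return 0;
}
```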
Making assumptions about the contents of the array set by fgets on failure could lead to undefined behavior, possibly resulting in abnormal program termination.
| Rule | Severity | Likelihood | Remediation Cost | Priority | Level | 
|---|---|---|---|---|---|
| FIO40-C | 1 (low) | 1 (unlikely) | 2 (medium) | P2 | L3 | 
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
[ISO/IEC 9899-1999] Section 7.19.7.2, "The fgets function"