FIO01-A. Access files through file descriptors rather than file names
FIO02-A. Canonicalize file names originating from untrusted sources
FIO03-A. Do not make assumptions about fopen() and file creation
FIO31-C. Detect and handle file operation errors
FIO32-C. Do not assume file names generated with tmpnam() remain unique
FIO30-C. Exclude user input from format strings
FRM31-C. Check return status from sprintf()
INT35-C. Do not convert the value returned by a character IO function
INT36-C. Do not compare characters with EOF