C programs often rely on files to retreive and store data needed during program execution. File functions, such as open, read, write, and close are built into the C programming language to simplify how C programs interact with files. However, it is the underlying operating system that manages files. Inconsistencies may exist between how C programs and the underlying operating system handle the files and the file system. Many of these descrepencies can lead to security vulnerabilities.
The following rules and recommendations are suggested to reduce the common errors associated with file operations in C. These guidelines are designed to by system independent. However, files and file management are inherently tied to the underlying operating system. Cases where security issues or recomendations are specific to an architecture are clearly marked as pertaining to that architecture.
FIO01-A. Access files through file descriptors versus file names
FIO02-A. Translate file names into canonical form
FIO31-C. Detect and handle file operation errors