Filenames on various operating systems including Windows and UNIX may be used to access "special" files which are actually devices. Sample reserved MS-DOS device names include AUX, CON, PRN, COM1, and LPT1. Device files on UNIX systems are used to apply access rights and to direct operations on the files to the appropriate device drivers.
Performing operations on device files which are intended for ordinary character or binary files can result in crashes and denial-of-service attacks. For example, when Windows attempts to interpret the device name as a file resource, it performs an illegal resource access that usually results in a crash \[[Howard 02|AA. C References#Howard 02]\] . |
In the compliant solution, the log file is only opened once upon program startup, and is closed upon program termination. The log_message() function only writes the message to the already opened file.
HANDLE hFile = CreateFile(pFullPathName,
0, 0, NULL, OPEN_EXISTING, 0, NULL
);
if (hFile == INVALID_HANDLE_VALUE) {
/* handle error */
}
if (GetFileType(hFile) != FILE_TYPE_DISK) {
/* handle error */
}
|
Rule |
Severity |
Likelihood |
Remediation Cost |
Priority |
Level |
|---|---|---|---|---|---|
FIO46-C |
2 (medium) |
1 (unlikely) |
2 (medium) |
P4 |
L3 |
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
\[[Howard 02|AA. C References#Howard 02]\] Chapter 11, "Canonical Representation Issues" \[[ISO/IEC 9899-1999|AA. C References#ISO/IEC 9899-1999]\] Section |