Recommendations

ERR00-A. Adopt and implement a consistent and comprehensive error handling policy

ERR01-A. Use ferror() rather than errno to check for FILE stream errors

ERR02-A. Avoid in-band error indicators

ERR03-A. Use runtime-constraint handlers when calling functions defined by TR24731-1

ERR04-A. Choose an appropriate termination strategy

ERR05-A. Application-independent code must provide error detection without dictating error handling

ERR06-A. Understand the termination behavior of assert() and abort()

Rules

ERR30-C. Set errno to zero before calling a function, and use it only after the function returns a value indicating failure

ERR31-C. Don't redefine errno

ERR32-C. Do not rely on indeterminate values of errno

Risk Assessment Summary

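| Recommendation | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
| ERR00-A | medium | probable | medium | P8 | L2 |
| ERR01-A | high | likely | high | P9 | L2 |
| ERR02-A | low | unlikely | high | P1 | L3 |
| ERR03-A | low | unlikely | low | P3 | L3 |
| ERR04-A | medium | unlikely | low | P6 | L2 |
| ERR05-A | high | likely | high | P9 | L2 |
| ERR06-A |  |  |  |  |  |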

| Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
| ERR30-C | low | unlikely | low | P3 | L3 |
| ERR31-C | low | unlikely | low | P3 | L3 |
| ERR32-C | low | unlikely | low | P3 | L3 |

Related Rules and Recommendations

