SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 48

changes.mady.by.user Astha Singhal

Saved on

compared with

New Version 49

changes.mady.by.user Carol J. Lallier

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Section 7.1921.7.11 of C99 defines ungetc() as follows 10 of C11 [ISO/IEC 9899:1999]2011] defines ungetc() as follows:

The ungetc function pushes the character specified by c (converted to an unsigned char) back onto the input stream pointed to by stream. Pushed-back characters will be returned by subsequent reads on that stream in the reverse order of their pushing. A successful intervening call (with the stream pointed to by stream) to a file positioning function (fseek, fsetpos, or rewind) discards any pushed-back characters for the stream. The external storage corresponding to the stream is unchanged.

One character of pushback is guaranteed.

Consequently, multiple calls to ungetc() on the same stream must be separated by a call to a read function or a file-positioning function (which will discard any data pushed by ungetc()).

Likewise, for ungetwc(), C99 C guarantees only guarantees one wide character of pushback (Section 7.2429.3.10). Consequently, multiple calls to ungetwc() on the same stream must be separated by a call to a read function or a file-positioning function (which will discard any data pushed by ungetwc()).

...

Code Block
bgColor#ffcccc
langc

FILE *fp;
char *file_name;

/* initialize file_name */

fp = fopen(file_name, "rb");
if (fp == NULL) {
  /* Handle error */
}

/* read data */

if (ungetc('\n', fp) == EOF) {
  /* Handle error */
}
if (ungetc('\r', fp) == EOF) {
  /* Handle error */
}

/* continue on */

...

Code Block
bgColor#ccccff
langc

FILE *fp;
fpos_t pos;
char *file_name;

/* initialize file_name */

fp = fopen(file_name, "rb");
if (fp == NULL) {
  /* Handle error */
}

/* read data */

if (fgetpos(fp, &pos)) {
  /* Handle error */
}

/* read the data that will be "pushed back" */

if (fsetpos(fp, &pos)) {
  /* Handle error */
}

/* Continue on */

Remember to always call fgetpos() before fsetpos(). (See rule FIO44-C. Only use values for fsetpos() that are returned from fgetpos().)

...

Compass/ROSE

can

Can detect simple violations of this recommendation. In particular, it warns when two calls to ungetc() on the same stream are not interspersed with a file-positioning or file-read function.

It is unable to

It cannot handle cases where ungetc() is called from inside a loop

section

.

83 D

Tool

Version

Checker

Description

Section

 

 

Section

LDRA tool suite

Include Page
LDRA_V
LDRA_V
Section
Section

Fully

Implemented

implemented.

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Related Guidelines

ISO/IEC 9899:1999 Section 2011 Section 7.1921.7.1112, "The ungetc function," and Section 7.29.3.10, "The ungetwc function"

Bibliography

...