...
In this noncompliant code example, the programmer chooses to use a local version of the standard library but does not make the change clear.:
| Code Block | ||||
|---|---|---|---|---|
| ||||
#include "stdio.h" /* confusing, distinct from <stdio.h> */ /* ... */ |
...
The solution addresses the problem by giving the local library a unique name (per PRE08-C. Guarantee that header file names are unique), which makes it apparent that the library used is not the original.:
| Code Block | ||||
|---|---|---|---|---|
| ||||
/* Using a local version of stdio.h */ #include "mystdio.h" /* ... */ |
...
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Related Guidelines
| CERT C++ Secure Coding Standard | PRE04-CPP. Do not reuse a standard header file name |
| CERT Oracle Secure Coding Standard for Java | DCL01-J. Do not reuse public identifiers from the Java Standard Library |
Bibliography
| [ISO/IEC 9899:2011] | Section 7.1.2, "Standard Headers" |