SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 58

changes.mady.by.user Alex Volkovitsky

Saved on

compared with

New Version 59

changes.mady.by.user Alex Volkovitsky

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Code Block
bgColor#FFCCCC
/* ... */
FILE *file_ptr;
char filename[L_tmpnam_s];

if (tmpnam_s(filename, L_tmpnam_s) != 0) {
  /* Handle Error */
}
 
/* A TOCTOU race condition exists here */

if (!fopen_s(&file_ptr, filename, "wb+")) {
  /* Handle Error */
}
/* ... */

...

TR 24731-1 notes the following regarding the use of tmpfile_s instead of }}{{{}tmpnam_s:

After a program obtains a file name using the tmpnam_sfunction and before the program creates a file with that name, the possibility exists that someone else may create a file with that same name. To avoid this race condition, the tmpfile_s function should be used instead of tmpnam_s when possible. One situation that requires the use of the tmpnam_s function is when the program needs to create a temporary directory rather than a temporary file.

...