...
In this compliant solution, the original FILE object is used in the call to fputs().
```c
#include <stdio.h>

int main(void) {
  fputs("Hello, World!\n", stdout);
  return 0;
}
```
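A copy often arises in practice when a struct stores a FILE by value. The following added example (not from the original page; the logger type and function names are hypothetical) extends the compliant solution to that case by storing and passing only a FILE *, so every call operates on the original object.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical logger (not from the original page). It keeps the address
 * of the stream, never a by-value FILE, so every write reaches the
 * original object. Noncompliant shape, for contrast (comment only):
 *     struct bad_logger { FILE sink; };  bad.sink = *stdout;
 *     fputs("msg", &bad.sink);           // operates on a copy
 */
struct logger {
    FILE *sink;          /* borrowed pointer to the original FILE */
    const char *prefix;  /* text written before each message */
};

/* Write "<prefix><msg>\n"; returns 0 on success, -1 on error. */
int logger_write(const struct logger *lg, const char *msg)
{
    if (lg == NULL || lg->sink == NULL || lg->prefix == NULL || msg == NULL)
        return -1;
    if (fputs(lg->prefix, lg->sink) == EOF || fputs(msg, lg->sink) == EOF
            || fputc('\n', lg->sink) == EOF)
        return -1;
    return fflush(lg->sink) == EOF ? -1 : 0;
}

/* Self-check: log to a temporary stream, then read the line back through
 * the same FILE * to confirm the original object received the data.
 * Returns 1 if the round trip matches, 0 otherwise. */
int logger_roundtrip_ok(void)
{
    char buf[64] = {0};
    FILE *tmp = tmpfile();
    if (tmp == NULL)
        return 0;
    struct logger lg = { tmp, "[app] " };
    int ok = logger_write(&lg, "Hello, World!") == 0;
    rewind(tmp);
    ok = ok && fgets(buf, sizeof buf, tmp) != NULL
            && strcmp(buf, "[app] Hello, World!\n") == 0;
    fclose(tmp);
    return ok;
}

int main(void)
{
    struct logger out = { stdout, "[app] " };
    return logger_write(&out, "Hello, World!") == 0 ? 0 : 1;
}
```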
Risk Assessment
Using a copy of a FILE object in place of the original is likely to result in a crash, which can be used in a denial-of-service attack.
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
---|---|---|---|---|---|
FIO38-C | 2 (medium) | 2 (probable) | 2 (medium) | P8 | L2 |