...
In this noncompliant code example, the printf() function is called after the stdout stream is closed.
```c
#include <stdio.h>

int close_stdout(void) {
  if (fclose(stdout) != 0) {
    return -1;
  } else {
    /* Noncompliant: printf() writes to stdout, which is already closed */
    printf("stdout successfully closed.\n");
  }
  return 0;
}
```
Compliant Solution
In this compliant solution, stdout is not used again after it is closed. This must remain true for the remainder of the program.
```c
#include <stdio.h>

int close_stdout(void) {
  if (fclose(stdout) != 0) {
    return -1;
  } else {
    /* stdout is closed, so report through stderr instead */
    fprintf(stderr, "stdout successfully closed.\n");
  }
  return 0;
}
```
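The same rule applies to any FILE pointer, not only stdout. As an added example (not part of the original rule text), one way to keep a closed stream from being reused for the remainder of the program is to clear the caller's handle at the point of closing. The names `close_and_clear`, `log_line` and `demo` are hypothetical, and the temporary file is constructed for the demonstration.

```c
#include <stddef.h>
#include <stdio.h>

/* Hypothetical helper: close *fpp and clear the caller's handle so the
 * stale FILE pointer cannot be passed to another I/O call.
 * Returns 0 on success, -1 on failure or if nothing is open. */
int close_and_clear(FILE **fpp) {
  if (fpp == NULL || *fpp == NULL) {
    return -1;  /* already closed: never call fclose() twice */
  }
  FILE *fp = *fpp;
  /* The stream is disassociated whether or not fclose() succeeds,
   * so the handle is cleared before the result is known. */
  *fpp = NULL;
  return (fclose(fp) == 0) ? 0 : -1;
}

/* Hypothetical writer that rejects a cleared handle instead of using it. */
int log_line(FILE *fp, const char *msg) {
  if (fp == NULL) {
    return -1;
  }
  return (fprintf(fp, "%s\n", msg) < 0) ? -1 : 0;
}

/* Constructed demo: each bit records one expected outcome. */
int demo(void) {
  FILE *fp = tmpfile();
  if (fp == NULL) {
    return -1;
  }
  int ok = 0;
  if (log_line(fp, "before close") == 0) ok |= 1;  /* open: write works   */
  if (close_and_clear(&fp) == 0)         ok |= 2;  /* first close works   */
  if (fp == NULL)                        ok |= 4;  /* handle was cleared  */
  if (log_line(fp, "after close") == -1) ok |= 8;  /* reuse is rejected   */
  if (close_and_clear(&fp) == -1)        ok |= 16; /* double close caught */
  return ok;
}

int main(void) {
  int r = demo();
  fprintf(stderr, "demo result: %d\n", r);
  return (r == 31) ? 0 : 1;
}
```

This only protects the handle passed by address; any other copies of the same FILE pointer elsewhere in the program still have to be retired by the caller.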
...
Risk Assessment
Using the value of a pointer to a FILE object after the associated file is closed is undefined behavior.
...
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Bibliography
| [IEEE Std 1003.1:2013] | XSH, System Interfaces, open |
| [ISO/IEC 9899:2011] | Subclause 7.21.3, "Files" Subclause 7.21.5.1, "The |
...