Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Until the early 1980s, large software development projects had a continual problem with the inclusion of headers. One group might have produced a graphics.h, for example, which started by including io.h. Another group might have produced keyboard.h, which also included io.h. If io.h could not safely be included several times, arguments would break out about which header should include it. Sometimes an agreement was reached that each header should include no other headers, and therefore as a result, some application programs started with dozens of #include lines, and sometimes they got the ordering wrong or forgot a required header that was needed.

Compliant Solution

All these complications disappeared with the discovery of a simple technique: each header should #define a symbol that means "I have already been included." The entire header is then enclosed in an inclusion guard:

...

Wiki Markup
Because solutions such as this one make it possible to create a header file that can be included more than once, the C standard \[[ISO/IEC 9899-1999|AA. C References#ISO/IEC 9899-1999]\] guarantees that the standard headers are safe for multiple inclusion.

Risk Assessment

Failure to include header files in an inclusion guard can result in unexpected behavior.

Recommendation

Severity

Likelihood

Remediation Cost

Priority

Level

PRE06-A

1 (low)

1 (unlikely)

3 (low)

P3

L3

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Automated Detection

The LDRA tool suite V 7.6.0 is able to detect violations of this recommendation.

References

Wiki Markup
\[[ISO/IEC 9899-1999|AA. C References#ISO/IEC 9899-1999]\] Section 6.10, "Preprocessing directives," Section 5.1.1, "Translation environment," and Section 7.1.2, "Standard headers"
\[[MISRA 04|AA. C References#MISRA 04]\] Rule 19.5
\[[Plum 85|AA. C References#Plum 85]\] Rule 1-14

...