SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 115

changes.mady.by.user Alex Volkovitsky

Saved on

compared with

New Version 116

changes.mady.by.user Robert Seacord (Manager)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

For examples on how to just check for the existence of a file without actually opening it, please see FIO10-A. Take care when using the rename() function.

Non-Compliant Code Example: fopen()

In this non-compliant coding example, the file referenced by file_name is opened for writing. This example is non-compliant , however, if the programmer's intent was to create a new file, but the reference referenced file already exists.

Code Block
bgColor#FFCCCC
char *file_name;
FILE *fp;

/* initialize file_name */

fp = fopen(file_name, "w");
if (!fp) {
  /* handle error */
}

...

Wiki Markup
The {{open()}} function as defined in the Open Group Base Specifications Issue 6 \[[Open Group 04|AA. C References#Open Group 04]\] is available on many platforms and provides thefiner control thatthan {{fopen()}}. does notIn provide.  Ifparticular, {{fopen()}} accepts the {{O_CREAT}} and {{O_EXCL}} flags.  areWhen used together, these flags instruct the {{open()}} function to failsfail if the file specified by {{file_name}} already exists.

...

Wiki Markup
Care should be observedtaken when using {{O_EXCL}} with remote file systems as it does not work with NFS version 2. NFS version 3 added support for {{O_EXCL}} mode in {{open()}}. IETF RFC 1813 defines the {{EXCLUSIVE}} value to the {{mode}} argument of {{CREATE}} \[[Callaghan 95|AA. C References#Callaghan 95]\].

...

The GNU C library defines one an additional character for use in opentype: the character 'x' insists on creating a new file—if a file filename already exists, fopen fails rather than opening it. If you use 'x' you are guaranteed that you will not clobber an existing file. This is equivalent to the O_EXCL option to the open function.

Code Block
bgColor#ccccff
char *file_name;

/* initialize file_name */

FILE *fp = fopen(file_name, "wx");
if (!fp) {
  /* Handle Error */
}

Use of this (non-portable) extension can allow allows for the easy remediation of legacy code.

...

The ability to determine if an existing file has been opened or a new file has been created provides greater assurance that the intended file is accessed, or perhaps more importantly, a file other than the intended file is not acted upon.

...