SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 37

changes.mady.by.user David Svoboda

Saved on

compared with

New Version 38

changes.mady.by.user Melanie Thompson

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Use ferror() rather than errno to check whether an error has occurred on a file stream (for example, after a long chain of stdio calls, for example). The ferror() function tests the error indicator for a specified stream and returns nonzero if and only if the error indicator is set for the stream.

...

Many implementations of the stdio package adjust their behavior slightly if stdout is a terminal. To make the determination, these implementations perform some operation that fails (with ENOTTY) if stdout is not a terminal. Although the output operation goes on to complete successfully, errno still contains ENOTTY. This behavior can be mildly confusing, but it is not strictly incorrect , because it is only meaningful for a program to inspect the contents of errno after an error has been reported. More precisely, errno is only meaningful after a library function that sets errno on error has returned an error code.

...

This compliant solution uses ferror() to detect an error.   In addition, if an early call to printf() fails, later calls may modify errno, whether they fail or not, so the program cannot rely on being able to detect the root cause of the original failure if it waits until after a sequence of library calls to check.

...

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Other Languages

Related Guidelines

CERT This rule appears in the C++ Secure Coding Standard as : ERR01-CPP. Use ferror() rather than errno to check for FILE stream errors.

Bibliography

unmigrated-wiki-markup

\[[Horton 90|AA. Bibliography#Horton 90]\] Section 14, p. 254 \[[ISO/IEC 9899:1999|AA. Bibliography#ISO/IEC 9899-1999]\] Section 6.3.1.1, "Boolean, characters, and integers," Section 7.1.4, and Section 7.9.10.3, "The {{ ferror function"

ISO/IEC TR 24772 "NZN Returning error status"

Bibliography

Wiki Markup
}} function"
\[[ISO/IEC PDTR 24772Horton 1990|AA. Bibliography#ISO/IEC PDTR 24772Bibliography#Horton 90]\] "NZNSection Returning14, errorp. status"254
\[[Koenig 891989|AA. Bibliography#Koenig 89]\] Section 5.4, p. 73

...