| Wiki Markup |
|---|
Section 7.19.5.3 of C99 places the following restrictions on update streams: \[[ISO/IEC 9899:1999|AA. Bibliography#ISO/IEC 9899-1999]\] <blockquote><p>When a file is opened with update mode both input and output may be performed on the associated stream. However, output shall not be directly followed by input without an intervening call to the <code>fflush</code> function or to a file positioning function (<code>fseek</code>, <code>fsetpos</code>, or <code>rewind</code>), and input shall not be directly followed by output without an intervening call to a file positioning function, unless the input operation encounters : |
When a file is opened with update mode both input and output may be performed on the associated stream. However, output shall not be directly followed by input without an intervening call to the
fflushfunction or to a file positioning function (fseek,fsetpos, orrewind), and input shall not be directly followed by output without an intervening call to a file positioning function, unless the input operation encounters end-of-file.
...
Opening
...
(or
...
creating)
...
a
...
text
...
file
...
with
...
update
...
mode
...
may
...
instead
...
open
...
(or
...
create)
...
a
...
binary
...
stream
...
in
...
some
...
implementations.
Receiving input from a stream directly following an output to that stream without an intervening call to fflush(), fseek(), fsetpos(), or rewind(), or outputting to a stream after receiving input from it without a call to fseek(), fsetpos(), rewind() if the file is not at end-of-file results in undefined behavior. (See also undefined behavior 143 in Annex J of C99.) Consequently, a call to fseek(), fflush() or fsetpos() is necessary between input and output to the same stream. (See recommendation FIO07-C. Prefer fseek() to rewind().)</p></blockquote>Receiving input from a stream directly following an output to that stream without an intervening call to {{fflush()}}, {{fseek()}}, {{fsetpos()}}, or {{rewind()}}, or outputting to a stream after receiving input from it without a call to {{fseek()}}, {{fsetpos()}}, {{rewind()}} if the file is not at end-of-file results in [undefined behavior|BB. Definitions#undefined behavior] (see also [undefined behavior 143| CC. Undefined Behavior#ub_143] in Annex J of C99). Consequently, a call to {{fseek()}}, {{fflush()}} or {{fsetpos()}} is necessary between input and output to the same stream (see [FIO07-C. Prefer fseek() to rewind()|FIO07-C. Prefer fseek() to rewind()]).
Noncompliant Code Example
...
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
FIO39-C | low | likely | medium | P6 | L2 |
Automated Detection
Tool | Version | Checker | Description |
|---|---|---|---|
|
...
|
...
|
|
...
| |||||||
|
|
|
|
...
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Other Languages
Related Guidelines
CERT This rule appears in the C++ Secure Coding Standard as : FIO39-CPP. Do not alternately input and output from a stream without an intervening flush or positioning call.
Bibliography
unmigrated-wiki-markup
\[[ISO/IEC 9899:1999|AA. Bibliography#ISO/IEC 9899-1999]\] Section 7.19.5.3, "The {{fopen}} function"
Bibliography
...
FIO38-C. Do not use a copy of a FILE object for input and output 09. Input Output (FIO) FIO40-C. Reset strings on fgets() failure