...
Identifiers with external linkage include setjmp, errno, math_errhandling, va_end.
In the example errno is defined. The errno value set by the function open() would not be accessible to the program as its definition is suppressed.
| Code Block | ||
|---|---|---|
| ||
#include <errno.h>
#define errno 200
int validate(unsigned int secretValue){
char fname[] = "non_exist.txt";
int fd;
int result = -1;
fd = open(fname, O_RDONLY);
if(fd == -1){
printf("Error opening file. Error code : %d\n", errno);
return result;
}
close(fd);
if(errno % secretValue == 20){
result = 0;
}
else{
result = -1;
}
return result;
}
|
Compliant Solution
In the compliant solution, the reserved identifier errno is not used.
| Code Block | ||
|---|---|---|
| ||
#include <errno.h>
#define keyNum 200
int validate(unsigned int secretValue){
char fname[] = "non_exist.txt";
int fd;
int result = -1;
fd = open(fname, O_RDONLY);
if(fd == -1){
printf("Error opening file. Error code : %d\n", errno);
return result;
}
close(fd);
if(errno % secretValue == 20){
result = 0;
}
else{
result = -1;
}
return result;
}
|
Risk Assessment
Use of reserved identifiers may cause incorrect program operation.
...