SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 97

changes.mady.by.user Alex Volkovitsky

Saved on

compared with

New Version 98

changes.mady.by.user Justin Pincar

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Edited by sciSpider (sch jbop) (X_X)@==(Q_Q)@

...

Code Block
bgColor#FFCCCC
char file_name[] = /* hard coded string */;
FILE *fp;

if (!(fp = fopen(file_name, "wb+"))) {
  /* Handle Error */
}

...

Code Block
bgColor#FFCCCC
char file_name[L_tmpnam];
FILE* fp;

if (!tmpnam(file_name)) {
  /* Handle Error */
}

/* A TOCTOU race condition exists here */

if (!(fp = fopen(file_name, "wb+"))) {
   /* Handle Error */
}

...

Code Block
bgColor#FFCCCC
char file_name[L_tmpnam];
int fd;

if (!(tmpnam(file_name))) {
  /* Handle Error */
}

/* A TOCTOU race condition exists here */

if ((fd = open(file_name, O_WRONLY | O_CREAT | O_EXCL | O_TRUNC, 0600)) < 0) {
   /* Handle Error */
}

...

Code Block
bgColor#FFCCCC
char file_name[L_tmpnam_s];
int fd;

if (tmpnam_s(file_name, L_tmpnam_s) != 0) {
  /* Handle Error */
}

/* A TOCTOU race condition exists here */

if ((fd = open(file_name, O_WRONLY | O_CREAT | O_EXCL | O_TRUNC, 0600)) < 0) {
   /* Handle Error */
}

...