Macros are frequently used in the remediation of existing code to globally replace one identifier with another, for example, when an existing API changes. Although some risk is always involved, this practice becomes particularly dangerous if a function name is replaced with the function name of a deprecated or obsolescent function. Deprecated functions are defined by the C Standard and Technical Corrigenda. Obsolescent functions are defined by MSC34MSC24-C. Do not use deprecated or obsolete obsolescent functions.
Although compliance with rule MSC34MSC24-C. Do not use deprecated or obsolete obsolescent functions guarantees compliance with this recommendation, the emphasis of this recommendation is the extremely risky and deceptive practice of replacing functions with less secure alternatives.
...
Replacing secure functions with less secure functions is a very risky practice because developers can be easily fooled into trusting the function to perform a security check that is absent. This may be a concern, for example, as developers attempt to adopt more secure functions, like such as the C11 Annex K functions [ISO/IEC 9899:2011] that , that might not be available on all platforms. (See STR07-C. Use the bounds-checking interfaces for remediation of existing string manipulation code.)
Recommendation | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
PRE09-C | highHigh | likelyLikely | mediumMedium | P18 | L1 |
Automated Detection
| Tool | Version | Checker | Description | ||||||
|---|---|---|---|---|---|---|---|---|---|
| PRQA QA-C |
| Secondary analysis | Fully implemented |
...
| [Open Group 2004] | vsnprintf() | ||
| [Seacord 2013] | Chapter 6, "Formatted Output" | [ISO/IEC 9899:2011] | Subclause 7.21.6.12, "The" |
| [VU#654390] |
...