Page History

Make sure that included header file names are unique. According to C99 to the C standard [ISO/IEC 9899:19992011]

The implementation shall provide unique mappings for sequences consisting of one or more nondigits or digits (6.4.2.1) followed by a period (.) and a single nondigit. The first character shall not be a digit. The implementation may ignore distinctions of alphabetical case and restrict the mapping to eight significant characters before the period.

...

The following noncompliant code contains references to headers that may exist independently in various environments but can be ambiguously interpreted by a C99C-compliant compiler.

#include "Library.h"
#include <stdio.h>
#include <stdlib.h>
#include "library.h"

#include "utilities_math.h"
#include "utilities_physics.h"

#include "my_library.h"

/* Rest of program */

...

#include "Lib_main.h"
#include <stdio.h>
#include <stdlib.h>
#include "lib_2.h"

#include "util_math.h"
#include "util_physics.h"

#include "my_library.h"

/* Rest of program */

The only solution for mitigating ambiguity of a file, such as my_libraryOLD.h, is to rename old files with either a prefix (that would fall within the first eight characters) or add an extension (such as my_library.h.old).

Exceptions

PRE08-EX1: While C99 requires While the C standard requires only the first eight characters in the file name to be significant, most modern systems have long file names, and compilers on such systems can typically differentiate them. Consequently, long file names in headers may be used, provided that all the implementations to which the code is ported can distinguish between these file names.

...

Automated Detection

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

...

CERT C++ Secure Coding Standard: PRE08-CPP. Guarantee that header file names are unique

ISO/IEC 9899:19992011 Section 6.10.2, "Source file inclusion"

...