SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 32

changes.mady.by.user David Svoboda

Saved on

compared with

New Version 33

changes.mady.by.user Pamela Curtis

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Remember to always call fgetpos() before fsetpos() (see FIO44-C. Only use values for fsetpos() that are returned from fgetpos()).

Automated Detection

The tool Compass/ROSE can easily identify two instances of the ungetc() function inside a function. Determining if one instance of ungetc() being invoked twice is better handled by dynamic analysis.

Risk Assessment

If used improperly, ungetc() can cause data to be truncated or lost.

Recommendation

Severity

Likelihood

Remediation Cost

Priority

Level

FIO13-A

medium

probable

high

P4

L3

Automated Detection

Compass/ROSE can easily identify two instances of the ungetc() function inside a function. Determining if one instance of ungetc() being invoked twice is better handled by dynamic analysis.

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

...