...
In this compliant solution, the opener() function returns a value of type errno_t, providing a clear indication that this function returns an errno value.
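```c
/* errno_t is defined by <errno.h> only on implementations that provide
   C11 Annex K (TR 24731-1), and only when this macro is set first. */
#define __STDC_WANT_LIB_EXT1__ 1
#include <errno.h>
#include <stdio.h>   /* FILE, fpos_t, fgetpos, fscanf, fsetpos */

enum { NO_FILE_POS_VALUES = 3 };

errno_t opener(FILE* file, int *width, int *height, int *data_offset) {
  int file_w;
  int file_h;
  int file_o;
  fpos_t offset;

  if (file == NULL) { return EINVAL; }
  /* Remember the current position so it can be restored after parsing. */
  if (fgetpos(file, &offset) != 0 ) { return errno; }
  if (fscanf(file, "%i %i %i", &file_w, &file_h, &file_o)
        != NO_FILE_POS_VALUES) { return EIO; }
  if (fsetpos(file, &offset) != 0 ) { return errno; }

  /* Write the outputs only after every step has succeeded. */
  *width = file_w;
  *height = file_h;
  *data_offset = file_o;

  return 0;
}
```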
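The caller's side of this contract, as an added example that is not part of the original page: `load_header()` is a hypothetical wrapper that tests every `errno_t` it receives and passes failures up unchanged. The `typedef` fallback for `errno_t` and the sample header strings are assumptions made so the block compiles and runs on its own.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>

#ifndef __STDC_LIB_EXT1__
typedef int errno_t; /* assumption: fallback where Annex K is not provided */
#endif

enum { NO_FILE_POS_VALUES = 3 };

/* opener() from the compliant solution, repeated so the block compiles alone. */
errno_t opener(FILE *file, int *width, int *height, int *data_offset) {
  int file_w, file_h, file_o;
  fpos_t offset;
  if (file == NULL) { return EINVAL; }
  if (fgetpos(file, &offset) != 0) { return errno; }
  if (fscanf(file, "%i %i %i", &file_w, &file_h, &file_o)
      != NO_FILE_POS_VALUES) { return EIO; }
  if (fsetpos(file, &offset) != 0) { return errno; }
  *width = file_w; *height = file_h; *data_offset = file_o;
  return 0;
}

/* Hypothetical caller: writes a constructed header to a temporary file and
   passes every failure up as an errno_t, so no error is silently dropped. */
errno_t load_header(const char *text, int *w, int *h, int *off) {
  errno_t rc;
  FILE *f = tmpfile();
  if (f == NULL) { return EIO; }  /* ISO C does not promise errno is set here */
  if (fputs(text, f) == EOF) { fclose(f); return EIO; }
  rewind(f);
  rc = opener(f, w, h, off);
  if (fclose(f) != 0 && rc == 0) { rc = EIO; }
  return rc;
}

int main(void) {
  const char *samples[] = { "640 480 54\n", "640 480\n" }; /* constructed */
  for (size_t i = 0; i < 2; i++) {
    int w = 0, h = 0, off = 0;
    errno_t rc = load_header(samples[i], &w, &h, &off);
    if (rc != 0) {  /* test the errno_t before touching the outputs */
      printf("sample %zu: %s\n", i, strerror(rc));
    } else {
      printf("sample %zu: %dx%d, data at %d\n", i, w, h, off);
    }
  }
  return 0;
}
```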
...
Failing to test for error conditions can lead to vulnerabilities of varying severity. Declaring functions that return an errno with a return type of errno_t will not eliminate this problem, but may reduce errors caused by programmers misunderstanding the purpose of a return value.
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
---|---|---|---|---|---|
DCL09-A | 1 (low) | 1 (unlikely) | 2 (medium) | P2 | L3 |
...