SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 11

changes.mady.by.user Chad Dougherty

Saved on

compared with

New Version 12

changes.mady.by.user Chad Dougherty

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

The

...

rename()

...

function

...

has

...

the

...

following

...

prototype:

{
Code Block
}
int rename(const char *old, const char *new);
{code}

If

...

the

...

file

...

pointed

...

to

...

by

...

new

...

exists

...

prior

...

to

...

a

...

call

...

to

...

rename()

...

,

...

the

...

behavior

...

is

...

implementation-defined.

...

Therefore,

...

care

...

must

...

be

...

taken

...

when

...

using

...

rename()

...

.

Non-Compliant

...

Code

...

Example

...

In

...

the

...

following

...

non-compliant

...

code,

...

a

...

file

...

is

...

renamed

...

to

...

another

...

file

...

using

...

rename()

...

.

{:=
Code Block
bgColor
#ffcccc
/* program code */
const char *old = "oldfile.ext";
const char *new = "newfile.ext";
if (rename(old, new) != 0) {
  /* Handle rename failure */
}
/* program code */
{null}

However,

...

if

...

newfile.ext

...

already

...

existed,

...

the

...

result

...

is

...

undefined.

...

Compliant

...

Solution

...

This

...

compliant

...

solution

...

first

...

checks

...

for

...

the

...

existence

...

of

...

the

...

new

...

file

...

before

...

the

...

call

...

to

...

rename()

...

.

...

Note

...

that

...

this

...

code

...

contains

...

an

...

unavoidable

...

race

...

condition

...

between

...

the

...

call

...

to

...

fopen()

...

and

...

the

...

call

...

to

...

rename()

...

.

{:=
Code Block
bgColor
#ccccff
/* program code */
const char *old = "oldfile.ext";
const char *new = "newfile.ext";
FILE *file = fopen(new, "r");

if (file != NULL) {
  fclose(file);
  if (rename(old, new) != 0) {
    /* Handle remove failure */
  }
}
else {
  /* handle error condition */
}
/* program code */
{null}

h2. Risk Assessment

Using {{

Risk Assessment

Using rename()

...

without

...

caution

...

leads

...

to

...

undefined

...

behavior,

...

possibly

...

resulting

...

in

...

a

...

file

...

being

...

unexpectedly

...

overwritten.

...

Recommendation

Severity

Likelihood

Remediation Cost

Priority

Level

FIO10-A

2 (medium)

2 (probable)

2 (medium)

P8

L2

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

References

Wiki Markup
\[[ISO/IEC 9899-1999|AA. C References#ISO/IEC 9899-1999]\] Section 7.9.4.2, "The {{rename}} function"