...
- The first eight characters in the filename are significant
- The file only has one character after the period in the filename
- The case of the characters in the filename is not necessarily significant
Therefore, to To guarantee header filenames are unique, all included files should differ (in a case insensitive manner) in their first eight characters or in their (one character) file extension.
Non-Compliant Code Example
The following non-compliant code contains references to headers that may exist independently on a specific architecture, can be ambiguously interpreted by a C99 compliant compiler.
Code Block | ||
---|---|---|
| ||
#include "Library.h" #include <stdio.h> #include <stdlib.h> #include "library.h" #include "utilities_math.h" #include "utilities_physics.h" #include "my_library.h" /* Rest of program */ |
Library.h
and library.h
may be interpreted as being refer to the same file. Also, because only the first eight characters are guaranteed to be significant, it is unknown which of unclear whether utilities_math.h
and utilities_physics.h
will actually be are parsed. Finally, if there existed a file such as my_libraryOLD.h
exists, it may inadvertently be included instead of my_library.h
.
Compliant Solution
This compliant solution avoids the ambiguity by renaming the associated files to be unique under the above constraints.
...
The only solution for mitigating ambiguity of a file such as my_libraryOLD.h
is to rename old files with either a prefix (that would fall within the first eight characters) or to add an extension (such as my_library.h.old
).
Risk Assessment
Failing to guarantee uniqueness of header files may cause result in the inclusion of an older version of a header file, which may include insecure implementations of macrosincorrect macro definitions, obsolete function prototypes, or result in other errors that may or may not be detected by the compiler.
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
---|---|---|---|---|---|
PRE31-C | 1 (low) | 1 (unlikely) | 1 (high) | P1 | L3 |
References
Wiki Markup |
---|
\[[ISO/IEC 9899-1999|AA. C References#ISO/IEC 9899-1999]\] Section 6.10.2 "Source file inclusion" |