Code Block
int open(const char *path, int oflag, ... );

The open() function accepts a third argument to determine a newly created file's access mode. If open() is used to create a new file and the third argument is omitted, the file may be created with unintended access permissions (see FIO06-A. Create files with appropriate access permissions). This omission has been known to lead to vulnerabilities (for instance, CVE-2006-1174).

Code Block
/* ... */
int fd = open(file_name, O_CREAT | O_WRONLY); /* access permissions are missing */
if (fd == -1){
  /* Handle Error */
}
/* ... */

Compliant Solution

To correct this example, a third argument is specified in the call to open().

Code Block
/* ... */
int fd = open(file_name, O_CREAT | O_WRONLY, file_access_permissions);
if (fd == -1){
  /* Handle Error */
}
/* ... */
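
The following is an added example, not code from the original page. It creates a file with an explicit third argument and reads back the permission bits actually applied, which are the requested mode with the process umask bits cleared. The helper names and the /tmp scratch path are assumptions made for the illustration.

```c
#include <fcntl.h>
#include <stdio.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical helper, not from the original page: create a new file with an
 * explicit mode and report the permission bits that were applied.
 * Returns the open descriptor, or -1 on error. */
int create_with_mode(const char *path, mode_t requested, mode_t *applied) {
  struct stat st;
  /* O_EXCL: fail rather than reuse an existing file or follow a symlink */
  int fd = open(path, O_CREAT | O_EXCL | O_WRONLY, requested);
  if (fd == -1) {
    return -1;
  }
  if (fstat(fd, &st) == -1) {
    close(fd);
    unlink(path);
    return -1;
  }
  *applied = st.st_mode & 07777; /* keep only the permission bits */
  return fd;
}

/* Constructed demonstration: create a scratch file under the given umask and
 * return its resulting mode, or -1 on failure. The /tmp path is an assumption. */
int mode_after_create(mode_t requested, mode_t mask) {
  char path[64];
  mode_t applied = 0;
  mode_t old_mask = umask(mask); /* umask() returns the previous mask */
  int fd;
  snprintf(path, sizeof path, "/tmp/open_mode_demo.%ld", (long)getpid());
  fd = create_with_mode(path, requested, &applied);
  umask(old_mask); /* restore the caller's mask */
  if (fd == -1) {
    return -1;
  }
  close(fd);
  unlink(path);
  return (int)applied;
}

int main(void) {
  printf("0600, umask 022 -> %04o\n", (unsigned)mode_after_create(0600, 022));
  printf("0666, umask 027 -> %04o\n", (unsigned)mode_after_create(0666, 027));
  return 0;
}
```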