...
See ERR04-C. Choose an appropriate termination strategy for more information on program termination strategies, and MSC11-C. Incorporate diagnostic tests using assertions for more information on using the assert() macro.
...
Noncompliant Code Example
The following noncompliant code defines a function intended to be called before the program exits, so that the program cleans up properly after itself.
...
However, the code also contains an assert(), and if the assertion fails, the cleanup() function is not called.
Compliant Solution
In this compliant solution, the call to assert() is replaced with an if statement that calls exit() to ensure that the proper termination routines are run.
```c
#include <stdlib.h>

void cleanup(void) {
  /* delete temporary files, restore consistent state, etc. */
}

int main(void) {
  if (atexit(cleanup) != 0) {
    /* Handle Error */
  }
  /* ... */
  int something_bad_happened = 0; /* placeholder for the real error condition */
  if (something_bad_happened) {
    exit(EXIT_FAILURE); /* runs the handlers registered with atexit() */
  }
  /* ... */
  return EXIT_SUCCESS;
}
```
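The difference between the two termination paths can be observed directly. The following added example (not code from the CERT page) runs the termination in a forked child so the parent can check whether the atexit() handler fired; it assumes a POSIX system (fork(), pipe()), and the names cleanup_runs_on and notify_fd are the example's own.

```c
/* Added example: an atexit() handler runs on exit() but not when assert()
 * fails, because assert() calls abort(). POSIX only (fork, pipe, waitpid). */
#define _POSIX_C_SOURCE 200809L
#undef NDEBUG            /* make sure assert() is active for this demonstration */
#include <assert.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/wait.h>

static int notify_fd = -1;   /* write end of the pipe, set in the child */

/* Stands in for "delete temporary files, restore consistent state": it just
 * reports to the parent that it ran. */
static void cleanup(void) {
    char marker = 'C';
    if (notify_fd >= 0) {
        (void)write(notify_fd, &marker, 1);
    }
}

/* Forks a child that registers cleanup() and then terminates either via
 * exit(EXIT_FAILURE) (use_exit != 0) or via a failing assert() (use_exit == 0).
 * Returns 1 if cleanup() ran in the child, 0 if it did not, -1 on setup error. */
int cleanup_runs_on(int use_exit) {
    int fds[2];
    if (pipe(fds) != 0) return -1;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        close(fds[0]);
        notify_fd = fds[1];
        if (atexit(cleanup) != 0) _exit(2);
        int state_is_consistent = 0;   /* constructed: "something bad happened" */
        if (use_exit) {
            exit(EXIT_FAILURE);        /* atexit() handlers run */
        }
        assert(state_is_consistent);   /* abort(): atexit() handlers are skipped */
        _exit(2);                      /* not reached */
    }
    close(fds[1]);
    char got = 0;
    ssize_t n = read(fds[0], &got, 1); /* returns 0 (EOF) if the child never wrote */
    close(fds[0]);
    waitpid(pid, NULL, 0);
    return (n == 1 && got == 'C') ? 1 : 0;
}
```

The assertion failure path prints the usual diagnostic on stderr and may leave a core file, which is exactly the behaviour the recommendation warns about.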
Risk Analysis
Unsafe usage of abort() may leave files written in an inconsistent state. It may also leave sensitive temporary files on the file system.
Recommendation | Severity | Likelihood | Remediation Cost | Priority | Level
---|---|---|---|---|---
ERR06-C | medium | unlikely | medium | P4 | L3
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
References
[ISO/IEC 9899:1999] Section 7.2.1.1, "The assert macro," and Section 7.20.4.1, "The abort function"
[ISO/IEC PDTR 24772] "REU Termination Strategy"
...