
...

Software developers can avoid the vulnerability or mitigate its ill effects in the following ways:

  • A strategy for fault handling should be decided on, and fault handling should be consistent across parts of the system that are of similar criticality.
  • A multitiered approach of fault prevention, fault detection, and fault reaction should be used.
  • System-defined components that assist in uniformity of fault handling should be used when available. For example, designing a "runtime constraint handler" (as described in ISO/IEC TR 24731-1) permits the application to intercept various erroneous situations and perform one consistent response, such as flushing a previous transaction and restarting at the next one.
  • When there are multiple tasks, a fault-handling policy should be specified whereby a task may
    • halt, and keep its resources available for other tasks (perhaps permitting restarting of the faulting task)
    • halt, and remove its resources (perhaps to allow other tasks to use the resources so freed, or to allow a recreation of the task)
    • halt, and signal the rest of the program to likewise halt
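The following program is an added example, not code from the CERT rule page, showing what a single, consistent fault-handling policy looks like in portable C: one handler that every detected fault flows through (the "uniform response" the runtime-constraint-handler bullet describes), the three tiers of prevention, detection and reaction kept visibly separate, and the three per-task reactions from the list above selected by an enum. The task structure, the policy enum and the function names (`handle_fault`, `task_process`, `demo_policy`) are constructed for this example and are not part of any standard library; the over-long input used to trigger a fault is likewise constructed.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Fault reactions a task may adopt, mirroring the three options in the policy
 * list above (enum names are constructed for this example). */
typedef enum {
    FAULT_HALT_KEEP_RESOURCES,     /* halt; keep resources so the task can be restarted */
    FAULT_HALT_RELEASE_RESOURCES,  /* halt; free resources for other tasks or re-creation */
    FAULT_HALT_ALL                 /* halt; signal the rest of the program to halt too */
} fault_policy_t;

typedef struct {
    const char *name;
    fault_policy_t policy;
    char *buffer;        /* the resource this task owns */
    size_t capacity;
    int running;
} task_t;

/* Program-wide state shared by all tasks. */
static int program_halted = 0;
static int faults_reported = 0;

/* The single fault handler: every detected fault, whichever tier caught it,
 * goes through here, so the reaction is uniform and easy to audit. */
static void handle_fault(task_t *task, const char *where, int err)
{
    faults_reported++;
    fprintf(stderr, "[fault] task=%s at=%s errno=%d (%s)\n",
            task->name, where, err, strerror(err));
    task->running = 0;
    switch (task->policy) {
    case FAULT_HALT_KEEP_RESOURCES:
        /* leave task->buffer allocated for a later restart */
        break;
    case FAULT_HALT_RELEASE_RESOURCES:
        free(task->buffer);
        task->buffer = NULL;
        break;
    case FAULT_HALT_ALL:
        program_halted = 1;
        break;
    }
}

static int task_init(task_t *task, const char *name, fault_policy_t policy, size_t capacity)
{
    task->name = name;
    task->policy = policy;
    task->capacity = capacity;
    task->running = 1;
    task->buffer = malloc(capacity);
    if (task->buffer == NULL) {              /* detection: allocation failure */
        handle_fault(task, "task_init", ENOMEM);
        return -1;
    }
    return 0;
}

/* Prevention tier: reject input that cannot fit before touching the buffer.
 * Detection tier: check every return value that can signal failure.
 * Reaction tier: delegate to handle_fault() instead of improvising here. */
static int task_process(task_t *task, const char *input)
{
    if (program_halted || !task->running) {
        return -1;                           /* refuse work after a halt */
    }
    if (input == NULL || strlen(input) >= task->capacity) {
        handle_fault(task, "task_process/validate", EINVAL);
        return -1;
    }
    if (snprintf(task->buffer, task->capacity, "%s", input) < 0) {
        handle_fault(task, "task_process/snprintf", EIO);
        return -1;
    }
    return 0;
}

static void task_destroy(task_t *task)
{
    free(task->buffer);
    task->buffer = NULL;
}

/* Drives one task under the given policy and reports the resulting state:
 * 0 = no fault, 1 = halted with resources kept, 2 = halted with resources
 * released, 3 = whole program halted. */
int demo_policy(fault_policy_t policy, const char *input)
{
    task_t t;
    int state;
    program_halted = 0;
    if (task_init(&t, "worker", policy, 8) != 0) {
        return -1;
    }
    if (task_process(&t, input) == 0) {
        state = 0;
    } else if (program_halted) {
        state = 3;
    } else if (t.buffer != NULL) {
        state = 1;
    } else {
        state = 2;
    }
    task_destroy(&t);
    return state;
}

int main(void)
{
    const char *too_long = "this input is too long";   /* constructed sample input */
    printf("keep resources:    %d\n", demo_policy(FAULT_HALT_KEEP_RESOURCES, too_long));
    printf("release resources: %d\n", demo_policy(FAULT_HALT_RELEASE_RESOURCES, too_long));
    printf("halt all:          %d\n", demo_policy(FAULT_HALT_ALL, too_long));
    printf("no fault:          %d\n", demo_policy(FAULT_HALT_KEEP_RESOURCES, "short"));
    return 0;
}
```

The point of the structure is that adding a fourth reaction, or changing how faults are logged, is a change in one place rather than in every call site. The bounds-checking interfaces of ISO/IEC TR 24731-1 give the same shape for their own runtime-constraint violations through `set_constraint_handler_s`; this example uses only C99 so that it builds where Annex K is not implemented.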

Risk Analysis

Failure to adopt and implement a consistent and comprehensive error handling policy is detrimental to system survivability and can result in a broad range of vulnerabilities depending on the operational characteristics of the system.

Recommendation   Severity   Likelihood   Remediation Cost   Priority   Level
ERR00-A C        medium     probable     high               P4         L3

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

References

[Fisher 99]
[Horton 90] Section 11, p. 168, and Section 14, p. 254
[ISO/IEC 9899:1999] Sections 7.1.4, 7.9.10.4, and 7.11.6.2
[ISO/IEC PDTR 24772] "REU Termination strategy" and "NZN Returning error status"
[Koenig 89] Section 5.4, p. 73
[Lipson 00]
[Lipson 06]
[MISRA 04] Rule 16.1
[Summit 05] C-FAQ Question 20.4

...
