Comment: Edited by sciSpider v2.4 (sch jbop) (X_X)@==(Q_Q)@

...

An implementation may define additional mode strings, but only the modes in the above table are fully portable and C99 compliant [ISO/IEC 9899:1999].
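One way to enforce the portable set before a file is opened, shown as an added example that is not part of the original page. The names `is_c99_fopen_mode()` and `portable_fopen()` are hypothetical, and the list holds the mode strings that C99 defines for `fopen()`.

```c
#include <stdio.h>
#include <string.h>

/* Mode strings defined by C99 for fopen(). Any other string depends on
 * the implementation and may make fopen() fail elsewhere. */
static const char *const c99_modes[] = {
    "r",   "w",   "a",
    "rb",  "wb",  "ab",
    "r+",  "w+",  "a+",
    "r+b", "rb+", "w+b", "wb+", "a+b", "ab+"
};

/* Returns 1 if mode is exactly one of the C99 mode strings, else 0.
 * The match is exact: trailing characters are implementation extensions. */
int is_c99_fopen_mode(const char *mode) {
    size_t i;
    if (mode == NULL) {
        return 0;
    }
    for (i = 0; i < sizeof c99_modes / sizeof c99_modes[0]; i++) {
        if (strcmp(mode, c99_modes[i]) == 0) {
            return 1;
        }
    }
    return 0;
}

/* Hypothetical wrapper: rejects non-portable modes up front and returns
 * NULL, so the caller handles it like any other failed fopen(). */
FILE *portable_fopen(const char *path, const char *mode) {
    if (path == NULL || !is_c99_fopen_mode(mode)) {
        return NULL;
    }
    return fopen(path, mode);
}

int main(void) {
    /* Constructed sample modes: three portable, three not. */
    const char *samples[] = { "r", "rb+", "a+b", "rt", "br", "w+x" };
    size_t i;
    for (i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        printf("%-4s %s\n", samples[i],
               is_c99_fopen_mode(samples[i]) ? "portable" : "not portable");
    }
    return 0;
}
```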

Risk Assessment

Using a mode string that is not recognized by an implementation may cause the call to fopen() to fail.

| Recommendation | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
| FIO11-A C | medium | probable | medium | P8 | L2 |

Automated Detection

Compass/ROSE can detect violations of this recommendation.

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

References

[ISO/IEC 9899:1999] Section 7.9.15.3, "The fopen function"

...
