Wiki Markup
The implementation shall provide unique mappings for sequences consisting of one or more nondigits or digits (6.4.2.1) followed by a period (.) and a single nondigit. The first character shall not be a digit. The implementation may ignore distinctions of alphabetical case and restrict the mapping to eight significant characters before the period.
...
- Only the first eight characters in the filename file name are guaranteed to be significant.
- The file has only one , nondigit character after the period in the filenamefile name.
- The case of the characters in the filename file name is not guaranteed to be significant.
To guarantee that header filenames file names are unique, all included files should differ (in a case-insensitive manner) in their first eight characters or in their (one-character) file extension.
Note that compliance with this recommendation does not require that short filenames file names are used, only that the filenames file names are unique.
...
Noncompliant Code Example
The following non-compliant code This noncompliant code example contains references to headers that may exist independently in various environments but can be ambiguously interpreted by a C99C-compliant compiler.:
| Code Block | ||||
|---|---|---|---|---|
| ||||
#include "Library.h" #include <stdio.h> #include <stdlib.h> #include "library.h" #include "utilities_math.h" #include "utilities_physics.h" #include "my_library.h" /* Rest of program... */ |
Library.h and library.h may refer to the same file. Also, because only the first eight characters are guaranteed to be significant, it is unclear whether utilities_math.h and utilities_physics.h are parsed. Finally, if a file such as my_libraryOLD.h exists, it may inadvertently be included instead of my_library.h.
Compliant Solution
This compliant solution avoids the ambiguity by renaming the associated files to be unique under the above the preceding constraints.:
| Code Block | ||||
|---|---|---|---|---|
| ||||
#include "Lib_main.h" #include <stdio.h> #include <stdlib.h> #include "lib_2.h" #include "util_math.h" #include "util_physics.h" #include "my_library.h" /* Rest of program... */ |
The only solution for mitigating ambiguity of a file, such as my_libraryOLD.h, is to rename old files with either a prefix (that would fall within the first eight characters) or to add an extension (such as my_library.h.old).
Exceptions
PRE08-C-EX1: While C99 only requires eight significant characters Although the C Standard requires only the first eight characters in the file name to be significant, most modern systems have long filenamesfile names, and compilers on such systems can typically differentiate them. Consequently, long filenames file names in headers may be used, provided that all the implementations to which the code is ported can distinguish between these filenamesfile names.
Risk Assessment
Failing to guarantee uniqueness of header files may result in the inclusion of an older version of a header file, which may include incorrect macro definitions or obsolete function prototypes or result in other errors that may or may not be detected by the compiler. Portability issues may also stem from the use of header names that are not guaranteed to be unique.
Recommendation | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
PRE08- |
1 (low)
1 (unlikely)
1 (high)
P1
L3
C | Low | Unlikely | Medium | P2 | L3 |
Automated Detection
| Tool | Version | Checker | Description | ||||||
|---|---|---|---|---|---|---|---|---|---|
| Axivion Bauhaus Suite |
| CertC-PRE08 | |||||||
| CC2.PRE08 | Fully implemented | |||||||
| Helix QAC |
| C5002 |
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
References
...
Related Guidelines
Bibliography
...
| 9899:2011] | Subclause 6.10.2, |
...
| "Source File Inclusion" |
...
file inclusion"
\[[MISRA 04|AA. C References#MISRA 04]\] Rule 19.5PRE07-A. Avoid using repeated question marks 01. Preprocessor (PRE) PRE09-A. Do not replace secure functions with less secure functions