Using the value of a pointer to a FILE
object after the associated file is closed is undefined behavior. (See undefined behavior 148153.) Programs that close the standard streams (especially stdout
but also stderr
and stdin
) must be careful not to use these streams in subsequent function calls, particularly those that implicitly operate on them (such as printf()
, perror()
, and getc()
).
...
Using the value of a pointer to a FILE
object after the associated file is closed is undefined behavior.
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
---|---|---|---|---|---|
FIO46-C | Medium | Unlikely | Medium | P4 | L3 |
Automated Detection
Tool | Version | Checker | Description | ||||||
---|---|---|---|---|---|---|---|---|---|
Astrée |
| Supported | |||||||
CodeSonar |
| IO.UAC | Use after close | ||||||
Compass/ROSE |
Coverity |
| USE_AFTER_FREE | Implemented | ||||||
Helix QAC |
| DF2696, DF2697, DF2698 | |||||||
Klocwork |
| SV.INCORRECT_RESOURCE_HANDLING.URH |
LDRA tool suite |
| 48 D | Partially implemented | ||||||
Parasoft C/C++test |
|
|
|
CERT_C-FIO46-a | Do not use resources that have been freed | ||||||||
PC-lint Plus |
| 2471 | Fully supported |
Polyspace Bug Finder |
| Checks for use of previously closed resource (rule partially covered) |
Function closes a previously closed stream
Argument to a standard function does not meet requirements for use in the function
Function operates on a previously closed streamSonarQube C/C++ Plugin |
| S3588 |
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Bibliography
[IEEE Std 1003.1:2013] | XSH, System Interfaces, open |
[ISO/IEC 9899: |
2024] | Subclause 7. |
23.3, "Files" |
23.5.1, "The |
...
...