SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 3

changes.mady.by.user Aaron Ballman

Saved on

compared with

New Version Current

changes.mady.by.user Caden Milne

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Updated UB references from C11->C23

The behavior of a program is undefined when it uses Using the value of a pointer to a FILE object after the associated file is closed is undefined behavior. (see See undefined behavior 148153.) Programs that close the standard streams (especially stdout but also stderr and stdin) must be careful not to use the stream objects these streams in subsequent function calls, particularly those that implicitly operate on such objects them (such as printf(), perror(), and getc()).

This rule can be generalized to other file representations.

Noncompliant Code Example

In this noncompliant code example the printf() function is called after , the stdout stream is used after it is closed.:

Code Block
bgColor#FFcccc
langc
#include <stdio.h>
 
int close_stdout(void) {
  if (fclose(stdout) !== 0EOF) {
    return -1;
  }
 
  printf("stdout successfully closed.\n");
  return 0;
}

...

In this compliant solution, stdout is not used again after it is closed. This must remain true for the remainder of the program, or stdout must be assigned the address of an open file object

Code Block
bgColor#ccccff
langc
#include <stdio.h>
 
int close_stdout(void) {
  if (fclose(stdout) !== 0EOF) {
    return -1;
  }

 
  fprintffputs(stderr, "stdout successfully closed.\n", stderr);
  return 0;
}

Risk Assessment

Using the value of a pointer to a FILE object after the associated file is closed is undefined behavior.

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

FIO46-C

Medium

Unlikely

Medium

P4

L3

Automated Detection

Tool

Version

Checker

Description

Astrée
Include Page
Astrée_V
Astrée_V

Supported
CodeSonar
Include Page
CodeSonar_V
CodeSonar_V
IO.UACUse after close
Compass/ROSE
   

Fortify SCA

5.0

 Can detect violations of this rule with CERT C Rule Pack 



Coverity
Include Page
Coverity_V
Coverity_V

USE_AFTER_FREE

Implemented
Helix QAC

Include Page
Helix QAC_V
Helix QAC_V

DF2696, DF2697, DF2698


Klocwork
Include Page
Klocwork_V
Klocwork_V

RH.LEAK

SV.INCORRECT_RESOURCE_HANDLING.URH


LDRA tool suite
Include Page
LDRA_V
LDRA_V

49 D

Fully implemented

48 D

Partially implemented
Parasoft C/C++test
Include Page
Parasoft_V
Parasoft_V
CERT_C-FIO46-a

Do not use resources that have been freed

PC-lint Plus

Include Page
PC-lint Plus_V
PC-lint Plus_V

2471

Fully supported

Polyspace Bug Finder

Include Page
Polyspace Bug Finder_V
Polyspace Bug Finder_V

CERT C: Rule FIO46-C


Checks for use of previously closed resource (rule partially covered)

SonarQube C/C++ Plugin
Include Page
SonarQube C/C++ Plugin_V
SonarQube C/C++ Plugin_V
S3588

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Bibliography

[IEEE Std 1003.1:2013]XSH, System Interfaces, open
[ISO/IEC 9899:
2011
2024
Subclause 7

Subclause 7.

21

23.3, "Files"
Subclause 7.

21

23.5.1, "The fclose Function"

 


...

Image Modified Image Modified Image Modified