Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Added PC-lint Plus to Automated Detection Table

...

If used improperly, ungetc() and ungetwc() can cause data to be truncated or lost.

Recommendation

Severity

Likelihood

Remediation Cost

Priority

Level

FIO13-C

Medium

Probable

High

P4

L3

Automated Detection

Tool

Version

Checker

Description

CodeSonar
Include Page
CodeSonar_V
CodeSonar_V
(customization)Users can implement a custom check that triggers a warning when ungetc() is called twice on the same stream without an intervening call to a read function or a file-positioning function.
Compass/ROSE

 

 



Can detect simple violations of this recommendation. In particular, it warns when two calls to ungetc() on the same stream are not interspersed with a file-positioning or file-read function. It cannot handle cases where ungetc() is called from inside a loop

LDRA tool suite
Include Page
LDRA_V
LDRA_V

83 D

Partially implemented

PC-lint Plus

Include Page
PC-lint Plus_V

Fully implemented

PC-lint Plus_V

2470

Fully supported

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Bibliography

[ISO/IEC 9899:2011]Subclause 7.21.7.10, "The ungetc Function"

...


...

Image Modified Image Modified Image Modified