Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Parasoft C/C++test 2024.1

...

The risk in using in-band error indicators is difficult to quantify and is consequently given as low. However, if the use of in-band error indicators results in programmers' failing to check status codes or incorrectly checking them, the consequences can be more severe.

Recommendation

Severity

Likelihood

Remediation Cost

Priority

Level

ERR02-C

Low

Unlikely

High

P1

L3

Automated Detection

Tool

Version

Checker

Description

Parasoft C/C++test

Include Page
Parasoft_V
Parasoft_V

CERT_C-ERR02-a

The input/output functions from the 'cstdio' and 'cwchar' libraries should not be used

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Related Guidelines

Bibliography

[Burch 2006]
 

[ISO/IEC 9899:2011]

Subclause 6.3.2, "Other Operands"
Annex K, "Bounds-checking Interfaces"

...


...

Image Modified Image Modified Image Modified