According to the C Standard, 7.2123.3, paragraph 6 [ISO/IEC 9899:20112024],
The address of the
FILEobject used to control a stream may be significant; a copy of aFILEobject need is not required to serve in place of the original.
...
| Tool | Version | Checker | Description | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Astrée |
| file-dereference | Partially checked | ||||||||||||||||
| Axivion Bauhaus Suite |
| CertC-FIO38 | Fully implemented | ||||||||||||||||
| Clang |
| misc-non-copyable-objects | Checked with clang-tidy | ||||||||||||||||
| Compass/ROSE | Can detect simple violations of this rule | ||||||||||||||||||
| Coverity |
| MISRA C 2012 Rule 22.5 | Partially implemented | ||||||||||||||||
| Cppcheck Premium |
| premium-cert-fio38-c | Fully implemented | ||||||||||||||||
| Helix QAC |
| C1485, C5028 C++3113, C++3114 | |||||||||||||||||
| Klocwork |
| MISRA.FILE_PTR.DEREF.2012 | |||||||||||||||||
| LDRA tool suite |
| 591 S | Fully implemented | RuleChecker||||||||||||||||
| Parasoft C/C++test |
| RuleChecker
| RuleCheckerCERT_C-FIO38-a | A pointer to a FILE object shall not be dereferenced | |||||||||||||||
| PC-lint Plus |
| file-dereference | Partially checked
| 9047 | Partially supported: reports when a FILE pointer is dereferenced | ||||||||||||||
| R2017b | Invalid file position | fsetpos() is invoked with a file position argument not obtained from fgetpos() | PRQA QA-C++ | |||||||||||||||
| Include Page | cplusplus:PRQA QA-C++_V | cplusplus:PRQA QA-C++_V |
| CERT C: Rule FIO38-C | Checks for misuse of a FILE object (rule fully covered) | ||||||||||||||
| RuleChecker |
| file-dereference | Partially checked | 5013
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
...
Bibliography
| [ISO/IEC 9899:20112024] | 7.2123.3, "Files" |
...