Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

The return value of remove() is deliberately not checked because it is expected to fail if the file does not exist. If the file exists but cannot be removed, the rename() call will also fail, and the error will be detected at that point. This is a valid exception (EXP12-C-EX1) to EXP12-C. Do not ignore values returned by functions.

...

Calling rename() has implementation-defined behavior when the new file name refers to an existing file. Incorrect use of rename() can result in a file being unexpectedly overwritten or other unexpected behavior.

Recommendation

Severity

Likelihood

Remediation Cost

Priority

Level

FIO10-C

Medium

Probable

Medium

P8

L2

Automated Detection

Tool

Version

Checker

Description

CodeSonar
Include Page
CodeSonar_V
CodeSonar_V
(customization)Users can add a custom check for all uses of rename().
PRQA QA-C
Helix QAC

Include Page
Helix QAC_V
Helix QAC_V

C5015
LDRA tool suite
Include Page
PRQA QA-C_vPRQA QA-C_vwarncall -wc renamePartially implemented
LDRA_V
LDRA_V
592 SFully Implemented

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Related Guidelines

Bibliography

[IEEE Std 1003.1:2013]XSH, System Interfaces, access
[MSDN]rename()

...


...

Image Modified Image Modified Image Modified