SEI CERT C Coding Standard

Space shortcuts

Page tree

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 50 Next »

According to the C Standard, Section 7.21.3, para. 6 [ISO/IEC 9899:2011],

The address of the FILE object used to control a stream may be significant; a copy of a FILE object need not serve in place of the original.

Consequently, do not copy a FILE object.

Noncompliant Code Example

This noncompliant code example can fail because a copy of stdout is being used in the call to fputs().

int main(void) {
  FILE my_stdout = *(stdout);  /* violation */
  if (fputs("Hello, World!\n", &my_stdout) == EOF) {
    /* Handle error */
  }
  return 0;
}

For example, this noncompliant example raises an "access violation" exception at run-time when compiled under Microsoft Visual Studio Express 2012 and run under Windows.

Compliant Solution

In this compliant solution, a copy of the pointer to the FILE object is used in the call to fputs().

int main(void) {
  FILE *my_stdout = stdout;
  if (fputs("Hello, World!\n", my_stdout) == EOF) {
    /* Handle error */
  }
  return 0;
}

Risk Assessment

Using a copy of a FILE object in place of the original may result in a crash, which can be used in a denial-of-service attack.

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

FIO38-C

low

probable

medium

P4

L3

Automated Detection

ToolVersionCheckerDescription
Compass/ROSE  

Can detect simple violations of this rule.

LDRA tool suite

9.7.1

591 S

Fully implemented.

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Related Guidelines

CERT C++ Secure Coding Standard: FIO38-CPP. Do not use a copy of a FILE object for input and output

ISO/IEC 9899:2011 Section 7.21.3, "Files"

ISO/IEC TR 17961 (Draft) Copying a FILE object [filecpy]

Bibliography

  • No labels