You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 6 Next »

The ungetc() function pushes a character onto an input stream. This pushed character can then be read by subsequent calls to functions that read from that stream. However, the ungetc() function has serious limitations. A call to a file positioning function, such as fseek(), will discard any character pushed on by ungetc(). Also, the C standard only guarantees that the pushing back of one character will succeed. Therefore, subsequent calls to ungetc() must be separated by a call to a read function or a file positioning function (which will discard any data pushed by ungetc()). If more than one character needs to be pushed by ungetc(), then an update stream should be used.

Non-Compliant Code Example

FILE* fptr = fopen("myfile.ext", "rb");
if (fptr == NULL) {
  /* handle error condition */
}

/* Read data */

ungetc('\n', fptr);
ungetc('\r', fptr);

/* Continue on */

Compliant Solution

(none known)

Risk Assessment

If used improperly, ungetc() can cause data to be truncated or lost.

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

FIO13-A

2 (medium)

2 (probable)

1 (high)

P4

L3

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Reference

[[ISO/IEC 9899-1999:TC2]] Section 7.19.7.11, "The ungetc function"

  • No labels