Tool
Version
Checker
Description
LANG.MEM.UVAR
DF4861, DF4862, DF4863
CERT_C-FIO40-a
Reset strings on fgets() or fgetws() failure
If either of the C Standard fgets() or fgetws() functions fail, the contents of the array being written is indeterminate. (See undefined behavior 170.) It is necessary to reset the string to a known value to avoid errors on subsequent string manipulation functions.
In this noncompliant code example, an error flag is set if fgets() fails. However, buf is not reset and has indeterminate contents:
#include <stdio.h>
enum { BUFFER_SIZE = 1024 };
void func(FILE *file) {
char buf[BUFFER_SIZE];
if (fgets(buf, sizeof(buf), file) == NULL) {
/* Set error flag and continue */
}
} |
In this compliant solution, buf is set to an empty string if fgets() fails. The equivalent solution for fgetws() would set buf to an empty wide string.
#include <stdio.h>
enum { BUFFER_SIZE = 1024 };
void func(FILE *file) {
char buf[BUFFER_SIZE];
if (fgets(buf, sizeof(buf), file) == NULL) {
/* Set error flag and continue */
*buf = '\0';
}
} |
FIO40-C-EX1: If the string goes out of scope immediately following the call to fgets() or fgetws() or is not referenced in the case of a failure, it need not be reset.
Making invalid assumptions about the contents of an array modified by fgets() or fgetws() can result in undefined behavior and abnormal program termination.
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
FIO40-C | Low | Probable | Medium | P4 | L3 |
Tool | Version | Checker | Description |
|---|---|---|---|
| CodeSonar | LANG.MEM.UVAR | Uninitialized Variable | |
| Helix QAC | DF4861, DF4862, DF4863 | ||
| LDRA tool suite | 44 S | Enhanced enforcement | |
| Parasoft C/C++test | CERT_C-FIO40-a | Reset strings on fgets() or fgetws() failure | |
| CERT C: Rule FIO40-C | Checks for use of indeterminate string (rule partially covered) | ||
| PVS-Studio | V1024 |
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
