Skip to main content
GitHub

Input Output (FIO)

Risk Assessment Summary

Rule Severity Likelihood Detectable Repairable Priority Level
FIO30-C High Likely Yes No P18 L1
FIO32-C Medium Unlikely No No P2 L3
FIO34-C High Probable Yes Yes P18 L1
FIO37-C High Probable Yes Yes P18 L1
FIO38-C Low Probable Yes No P4 L3
FIO39-C Low Likely Yes No P6 L2
FIO40-C Low Probable Yes Yes P6 L2
FIO41-C Low Unlikely Yes Yes P3 L3
FIO42-C Medium Unlikely No No P2 L3
FIO44-C Medium Unlikely No No P2 L3
FIO45-C High Probable No No P6 L2
FIO46-C Medium Unlikely No No P2 L3
FIO47-C High Unlikely Yes No P6 L2
Avoid having unreachable code
Copy of Rule Template
DRD00. Do not store sensitive information on external storage (SD card) unless encrypted first
DRD04-J. Do not log sensitive information
DRD11. Ensure that sensitive data is kept secure
DRD12. Do not trust data from world-writable files
DRD22. Do not cache sensitive information
DRD23. Do not use world readable or writeable to share files between apps
DRD25. Use constant-time encryption
DRD27-J. For OAuth, use an explicit intent method to deliver access tokens
DRD28 Do not load world-writable libraries
FIO00-J. Do not operate on files in shared directories
FIO00-PL. Do not use bareword file handles
FIO01-C. Be careful using functions that use file names for identification
FIO01-J. Create files with appropriate access permissions
FIO01-PL. Do not operate on files that can be modified by untrusted users
FIO02-C. Canonicalize path names originating from tainted sources
FIO02-J. Detect and handle file-related errors
FIO03-C. Do not make assumptions about fopen() and file creation
FIO03-J. Remove temporary files before termination
FIO04-J. Release resources when they are no longer needed
FIO05-C. Identify files using multiple file attributes
FIO05-J. Do not expose buffers or their backing arrays methods to untrusted code
FIO06-C. Create files with appropriate access permissions
FIO06-J. Do not create multiple buffered wrappers on a single byte or character stream
FIO07-J. Do not let external processes block on IO buffers
FIO08-C. Take care when calling remove() on an open file
FIO08-J. Distinguish between characters or bytes read from a stream and -1
FIO09-C. Be careful with binary data when transferring data across systems
FIO09-J. Do not rely on the write() method to output integers outside the range 0 to 255
FIO10-C. Take care when using the rename() function
FIO10-J. Ensure the array is filled when using read() to fill an array
FIO11-C. Take care when specifying the mode parameter of fopen()
FIO11-J. Do not convert between strings and bytes without specifying a valid character encoding
FIO12-J. Provide methods to read and write little-endian data
FIO13-C. Never push back anything other than one read character
FIO13-J. Do not log sensitive information outside a trust boundary
FIO14-C. Understand the difference between text mode and binary mode with file streams
FIO14-J. Perform proper cleanup at program termination
FIO15-C. Ensure that file operations are performed in a secure directory
FIO15-J. Do not reset a servlet's output stream after committing it
FIO16-J. Canonicalize path names before validating them
FIO17-C. Do not rely on an ending null character when using fread()
FIO18-C. Never expect fwrite() to terminate the writing process at a null character
FIO19-C. Do not use fseek() and ftell() to compute the size of a regular file
FIO20-C. Avoid unintentional truncation when using fgets() or fgetws()
FIO21-C. Do not create temporary files in shared directories
FIO22-C. Close files before spawning processes
FIO23-C. Do not exit with unflushed data in stdout or stderr
FIO24-C. Do not open a file that is already open
FIO30-C. Exclude user input from format strings
FIO30-PL. Use compatible character encodings when performing network or file I/O
FIO32-C. Do not perform operations on devices that are only appropriate for files
FIO34-C. Distinguish between characters read from a file and EOF or WEOF
FIO37-C. Do not assume that fgets() or fgetws() returns a nonempty string when successful
FIO38-C. Do not copy a FILE object
FIO39-C. Do not alternately input and output from a stream without an intervening flush or positioning call
FIO40-C. Reset strings on fgets() or fgetws() failure
FIO41-C. Do not call getc(), putc(), getwc(), or putwc() with a stream argument that has side effects
FIO42-C. Close files when they are no longer needed
FIO44-C. Only use values for fsetpos() that are returned from fgetpos()
FIO45-C. Avoid TOCTOU race conditions while accessing files
FIO46-C. Do not access a closed file
FIO47-C. Use valid format strings
FIO50-CPP. Do not alternately input and output from a file stream without an intervening positioning call
FIO50-J. Do not make assumptions about file creation
FIO51-CPP. Close files when they are no longer needed
FIO51-J. Identify files using multiple file attributes
FIO52-J. Do not store unencrypted sensitive information on the client side
FIO53-J. Use the serialization methods writeUnshared() and readUnshared() with care
Rec. 01. File I/O and Logging (FIO)
Rec. 07. File Input and Output (FIO)
Rec. 09. Input Output (FIO)
Rec. 13. Input Output (FIO)
Rule 01. File I/O and Logging (FIO)
Rule 07. File Input and Output (FIO)
Rule 07. Input Output (FIO)
Rule 09. Input Output (FIO)
Rule 13. Input Output (FIO)
Rule Template