This diagnostic rule is based on the AUTOSAR (AUTomotive Open System ARchitecture) manual for software development.
The standard library functions from the '<stdio.h>' / '<cstdio>' and '<wchar.h>' header files can be dangerous. Their behavior depends on the implementation. Besides, their use might lead to undefined behavior.
Look at the code fragment:
#include <stdio.h>
void InputFromFile(FILE *file); // Read from 'file'
void foo()
{
FILE *stream;
....
InputFromFile(stream);
fflush(stream);
}First, code reads data via the 'stream' file descriptor, which is then passed to the 'fflush' function. This sequence of operations leads to undefined behavior.
The analyzer issues a warning if it detects the use of any functions defined in the '<stdio.h>' / '<cstdio>' and '<wchar.h>' header files:
For example, the analyzer issues a warning for the code below:
#include <stdio.h>
void foo(const char *filename, FILE *oldFd)
{
FILE *newFd = freopen(filename, "r", oldFd);
....
}This diagnostic is classified as:
|