This diagnostic rule is based on the AUTOSAR (AUTomotive Open System ARchitecture) manual for software development.
The standard library functions from the '<stdio.h>' / '<cstdio>' and '<wchar.h>' header files can be dangerous. Their behavior depends on the implementation. Besides, their use might lead to undefined behavior.
Look at the code fragment:
#include <stdio.h> void InputFromFile(FILE *file); // Read from 'file' void foo() { FILE *stream; .... InputFromFile(stream); fflush(stream); }
First, code reads data via the 'stream' file descriptor, which is then passed to the 'fflush' function. This sequence of operations leads to undefined behavior.
The analyzer issues a warning if it detects the use of any functions defined in the '<stdio.h>' / '<cstdio>' and '<wchar.h>' header files:
For example, the analyzer issues a warning for the code below:
#include <stdio.h> void foo(const char *filename, FILE *oldFd) { FILE *newFd = freopen(filename, "r", oldFd); .... }
This diagnostic is classified as:
|