Main Content

AUTOSAR C++14 Rule M27-0-1

The stream input/output library <cstdio> shall not be used

expand all in page

Description

Rule Definition

The stream input/output library <cstdio> shall not be used.

Rationale

Functions in cstdio such as gets, fgetpos, fopen, ftell, etc. have unspecified, undefined and implementation-defined behavior.

For instance:

  • The gets function:

    char * gets ( char * buf );
    does not check if the number of characters provided at the standard input exceeds the buffer buf. The function can have unexpected behavior when the input exceeds the buffer.

  • The fopen function has implementation-specific behavior related to whether it sets errno on errors or whether it accepts additional characters following the standard mode specifiers.

Polyspace Implementation

Polyspace® reports a violation of this rule if you use the functions from the cstdio library. Polyspace detects the use of these cstdio functions:

  • File operation functions such as remove and rename.

  • File access functions such as fclose,fflush, and fopen.

  • Formatted input/output functions such as fprintf, fscanf, printf, and scanf.

  • Character input output functions such as fgetc, fgets, fputc, and getc.

  • Direct input/output functions such as fread and fwrite.

  • File positioning functions such as fgetpos and fsetpos.

  • Error handling functions such as clearerr, ferror, and perror.

Troubleshooting

If you expect a rule violation but Polyspace does not report it, see Diagnose Why Coding Standard Violations Do Not Appear as Expected.

Examples

expand all

#include <cstdio>

void func()
{
    char array[10];
    fgets(array, sizeof array, stdin); //Noncompliant
}

The use of fgets() violates this rule.

Check Information

Group: Input/output library
Category: Required, Automated

Version History

Introduced in R2019a

See Also

Topics