[metadata]
id = "FIO23-C"
type = "recommendation"
category = "FIO"
number = 23
title = "Do not exit with unflushed data in stdout or stderr"
description = """
DeprecatedThis guideline does not apply to code that need conform only to C23.
Code that must conform to older versions of the C standard should still comply
with this guideline. The C standard makes no guarantees as to when output
tostdout(standard output) orstderr(standard error) is actually flushed. On many
platforms, output tostdoutis buffered unlessstdoutoutputs to a terminal,
andstderroutput is typically not buffered. However, programs are free to modify
the buffering rules for eitherstdoutorstderr. Programs are also free to
explicitly closestdoutorstderr; if they do not do so, these streams will be
closed upon program termination. Closing any output stream requires flushing any
data that has not yet been written to the stream. The flushing operation
(manually handled by thefflush()function) can fail for several reasons. The
output stream may be directed to a file in a filesystem with no remaining free
space, or to a network socket that fails. Checking for the success of
afflush()operation is mandatory for a secure program, and hence checking the
result of afclose()operation is also required.
"""
severity = "Medium"
likelihood = "Unlikely"
priority = "P4"
level = "L3"
cert_version = "2016 Edition (Wiki)"
last_modified = "Unknown"
[rules.cert_c.FIO23-C]
enabled = true
[references]
wiki = "https://wiki.sei.cmu.edu/confluence/display/c/FIO23-C.+Do+not+exit+with+unflushed+data+in+stdout+or+stderr"