[metadata]
id = "FIO24-C"
type = "recommendation"
category = "FIO"
number = 24
title = "Do not open a file that is already open"
description = """
Opening a file that is already open hasimplementation-defined behavior,
according to the C Standard, 7.21.3, paragraph 8 [ISO/IEC 9899:2011]: Some
implementations do not allow multiple copies of the same file to be open at the
same time. Consequently, portable code cannot depend on what will happen if this
rule is violated. Even on implementations that do not outright fail to open an
already-opened file, aTOCTOU(time-of-check, time-of-use) race condition exists
in which the second open could operate on a different file from the first due to
the file being moved or deleted (seeFIO45-C. Avoid TOCTOU race conditions while
accessing filesfor more details on TOCTOU race conditions). This noncompliant
code example logs the program's state at runtime:
"""
severity = "Medium"
likelihood = "Probable"
priority = "P4"
level = "L3"
cert_version = "2016 Edition (Wiki)"
last_modified = "May 20, 2025"
[rules.cert_c.FIO24-C]
enabled = true
[references]
wiki = "https://wiki.sei.cmu.edu/confluence/display/c/FIO24-C.+Do+not+open+a+file+that+is+already+open"
cwe = ["CWE-362", "CWE-675"]