C and C++ Binaries

BADFUNC.WCHAR_H : Use of <wchar.h> Input/Output

Summary

A use of one of the following, declared in <wchar.h>, when defined as a function: btowc(), fwprintf(), fwscanf(), iswalnum(), iswalpha(), iswcntrl(), iswdigit(), iswgraph(), iswlower(), iswprint(), iswpunct(), iswspace(), iswupper(), iswxdigit(), iswctype(), fgetwc(), fgetws(), fputwc(), fputws(), fwide(), getwc(), getwchar(), mbsinit(), mbrlen(), mbrtowc(), mbsrtowcs(), putwc(), putwchar(), swprintf(), swscanf(), towlower(), towupper(), ungetwc(), vfwprintf(), vwprintf(), vswprintf(), wcrtomb(), wcscat(), wcschr(), wcscmp(), wcscoll(), wcscpy(), wcscspn(), wcsftime(), wcslen(), wcsncat(), wcsncmp(), wcsncpy(), wcspbrk(), wcsrchr(), wcsrtombs(), wcsspn(), wcsstr(), wcstod(), wcstok(), wcstol(), wcstoul(), wcswcs(), wcswidth(), wcsxfrm(), wctob(), wctype(), wcwidth(), wmemchr(), wmemcmp(), wmemcpy(), wmemmove(), wmemset(), wprintf(), wscanf().

These functions are associated with unspecified, undefined, and implementation-defined behaviors.

If your libc implementation defines these as macros, uses will instead be reported as Use of <wchar.h> Input/Output Macro warnings.

Properties

Class Name Use of <wchar.h> Input/Output
Significance style
Mnemonic BADFUNC.WCHAR_H
Categories
MisraC2023 MisraC2023:21.6 The Standard Library input/output functions shall not be used
Misra2012 Misra2012:21.6 The Standard Library input/output functions shall not be used
Misra2004 Misra2004:20.9 The input/output library <stdio.h> shall not be used in production code
AUTOSARC++14 AUTOSARC++14:A1-1-1 All code shall conform to ISO/IEC 14882:2014 - Programming Language C++ and shall not use deprecated features.
  AUTOSARC++14:M27-0-1 The stream input/output library <cstdio> shall not be used.
MisraC++2008 MisraC++2008:27-0-1 The stream input/output library <cstdio> shall not be used.
MisraC++2023 MisraC++2023:30.0.1 The C Library input/output functions shall not be used
CWE CWE:676 Use of Potentially Dangerous Function
  CWE:758 Reliance on Undefined, Unspecified, or Implementation-Defined Behavior
Availability Available for C and C++.
Enabling Checks for this warning class are disabled by default. To enable them, add the following WARNING_FILTER rule to the project configuration file. 
WARNING_FILTER += allow class="Use of <wchar.h> Input/Output"

Example 

#include <wchar.h>

get_answer_w(void){
    wint_t ans;
    ans = fgetwc(stdin); /* Warning issued here:
                          * - 'Use of <wchar.h> Input/Output' if fgetwc() implemented as a function
                          * - Use of <wchar.h> Input/Output Macro if fgetwc() implemented as a macro
                          */
    if ((ans == (wint_t)('Y')) || ans == (wint_t)('y')){
        return 1;
    }
    return 0;
}

Relevant Configuration File Parameters

This class is implemented using a BAD_FUNCTION_* rule set in the general template configuration file.

The following configuration file parameters affect checks for this warning class.