...
ERR33-C-EX1: It is acceptable to ignore the return value of a function if:
- that function cannot fail
- its return value is inconsequential; that is, it does not indicate an error
- it is one of a handful of functions whose return values are not traditionally checked.
Functions for which Return Values Need Not Be Checked

| Function | Successful Return | Error Return |
|---|---|---|
| | Character written | |
| | Wide character written | |
| | Nonnegative | |
| | Number of characters (nonnegative) | Negative |
| | Number of wide characters (nonnegative) | Negative |
| kill_dependency() | The input parameter | NA |
| memcpy(), wmemcpy() | The destination input parameter | NA |
| memmove(), wmemmove() | The destination input parameter | NA |
| strcpy(), wcscpy() | The destination input parameter | NA |
| strncpy(), wcsncpy() | The destination input parameter | NA |
| strcat(), wcscat() | The destination input parameter | NA |
| strncat(), wcsncat() | The destination input parameter | NA |
| memset(), wmemset() | The destination input parameter | NA |
The function's results should be explicitly cast to void to signify programmer intent:
```c
#include <stdio.h>

int main(void) {
  (void) printf("Hello, world\n"); // printf() return value safely ignored
  return 0;
}
```
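The following added example (not part of the original rule text) puts the exception next to calls it does not cover. `build_greeting()` is a hypothetical helper; `malloc()` and `snprintf()` are not in the table above, and their return values do indicate errors, so they are checked, while `memcpy()` only returns its destination and is cast to `void`.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/*
 * Hypothetical helper: copies `name` to heap storage and formats
 * "Hello, <name>" into `out`. Returns 0 on success, -1 on any failure.
 */
int build_greeting(char *out, size_t out_len, const char *name) {
  size_t n = strlen(name);

  /* malloc() can fail: its return value must be checked. */
  char *copy = malloc(n + 1);
  if (copy == NULL) {
    return -1;
  }

  /* memcpy() returns its destination argument and has no error return,
   * so ERR33-C-EX1 applies; the cast documents the intent. */
  (void) memcpy(copy, name, n + 1);

  /* snprintf() reports an encoding error with a negative value and
   * truncation with a value >= out_len; both must be handled. */
  int written = snprintf(out, out_len, "Hello, %s", copy);
  free(copy);
  if (written < 0 || (size_t) written >= out_len) {
    return -1;
  }
  return 0;
}

int main(void) {
  char buf[32];
  char tiny[8];

  if (build_greeting(buf, sizeof buf, "world") == 0) {
    /* Console output whose result is inconsequential here. */
    (void) printf("%s\n", buf);
  }
  if (build_greeting(tiny, sizeof tiny, "world") != 0) {
    (void) printf("truncation detected and reported\n");
  }
  return 0;
}
```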
Risk Assessment
Failing to detect error conditions can lead to unpredictable results, including abnormal program termination and denial-of-service attacks or, in some situations, could even allow an attacker to run arbitrary code.
...