...
The C Standard identifies five distinct situations in which undefined behavior may arise as a result of invoking a function using a declaration that is incompatible with its definition or with incorrect types or numbers of arguments:
...
Functions that are appropriately declared (as in DCL40-C. Do not create incompatible declarations of the same function or object) will typically generate a compiler error if they are supplied with the wrong number or types of arguments. However, there are cases in which supplying the incorrect arguments to a function will, at best, generate compiler warnings. Although such warnings should be resolved, they do not prevent program compilation. (See MSC00-C. Compile cleanly at high warning levels.)
...
In this noncompliant example, the C standard library function strchr() is called through the function pointer fp with incorrectly typed arguments. According to the C Standard, subclause 6.3.2.3, paragraph 8 [ISO/IEC 9899:2011],
...
In this noncompliant example, the pointer to the C standard library function strchr() is declared with the correct arguments. This code still exhibits the same undefined behavior, but most compilers will warn that the arguments passed to fp do not match its declaration.
...
The POSIX function open() [IEEE Std 1003.1:2013] is a variadic function with the following prototype:
...
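Because open() is variadic, the compiler cannot check whether the mode argument that O_CREAT requires was actually passed. One defensive pattern is to route calls through fixed-prototype wrappers. This is an added example, not code from the rule itself; open_existing(), open_create(), fd_perms() and the sample path are hypothetical names chosen for illustration.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <sys/stat.h>
#include <unistd.h>

/* Flags that make open() read a third (mode) argument. */
static int needs_mode(int oflag) {
#ifdef O_TMPFILE
    if ((oflag & O_TMPFILE) == O_TMPFILE) return 1;
#endif
    return (oflag & O_CREAT) != 0;
}

/* Open an existing file. Refuses flags that would need a mode. */
int open_existing(const char *path, int oflag) {
    if (needs_mode(oflag)) {
        errno = EINVAL;
        return -1;
    }
    return open(path, oflag);
}

/* Create (or open) a file; the fixed prototype makes mode mandatory. */
int open_create(const char *path, int oflag, mode_t mode) {
    return open(path, oflag | O_CREAT, mode);
}

/* Permission bits of an open descriptor, or -1 on error. */
int fd_perms(int fd) {
    struct stat st;
    if (fstat(fd, &st) != 0) return -1;
    return (int)(st.st_mode & 07777);
}

int main(void) {
    const char *path = "/tmp/exp37_demo.tmp"; /* constructed sample path */
    (void)unlink(path);
    if (open_existing(path, O_WRONLY | O_CREAT) == -1 && errno == EINVAL)
        puts("open_existing: O_CREAT rejected, no mode available");
    int fd = open_create(path, O_WRONLY | O_EXCL, S_IRUSR | S_IWUSR);
    if (fd >= 0) {
        printf("created with mode %04o\n", (unsigned)fd_perms(fd));
        close(fd);
        unlink(path);
    }
    return 0;
}
```

Omitting the mode in a call to open_create() is now a compile-time error rather than undefined behavior at run time.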
Calling a function with incorrect arguments can result in unexpected or unintended program behavior.
...
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
...
[CVE] | CVE-2006-1174 |
[ISO/IEC 9899:2011] | Subclause 6.3.2.3, "Pointers"; Subclause 6.5.2.2, "Function Calls" |
[IEEE Std 1003.1:2013] | open() |
[Spinellis 2006] | Section 2.6.1, "Incorrect Routine or Arguments" |
...