Failure to specify function prototypes results in a function being implicitly declared. If a function is implicitly declared and it is not given enough arguments, it will still pop the expected number from the stack. This could cause the program to crash.

...

Without a function prototype, the compiler must estimate the correct number of parameters supplied to a function. Calling a function with a different number of arguments than that function expects results in unintended program behavior.

Non-Compliant Code Example

Code Block

    #include <stdio.h>

    function(1, 2);   /* no prototype in scope: implicitly declared and called with too few arguments */
    ...
    void function(int one, int two, int three) {
      printf("args %d %d %d\n", one, two, three);
    }

Solution: Use function prototypes at the top of the .c file or in a .h file so that a compiler error will occur if an incorrect number of arguments is used.

Compliant Solution

Code Block

    void function(int one, int two, int three); /* prototype at the top of the file or in a .h file */
    ...
    function(1, 2); /* compiler error: too few arguments */
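The following is an added example, not code from the original page, showing the prototype-first pattern in a complete, compilable unit. It also covers a pitfall the page's compliant solution does not spell out: in C17 and earlier, an empty parameter list `()` is not a prototype and gives no argument checking, whereas `(void)` does. The names sum3, next_id and checked_call are illustrative.

```c
/* Added example (not the original page's code): prototypes declared before
 * any call, so the compiler checks the argument count and types of every
 * call site. Function names are illustrative. */
#include <stdio.h>

/* Prototypes, as they would appear in a header or at the top of the .c file.
 * With these in scope, a call such as sum3(1, 2) no longer compiles: gcc
 * reports "too few arguments to function 'sum3'". */
int sum3(int one, int two, int three);
int next_id(void);   /* (void), not (): "int next_id();" declares NO prototype
                        in C17 and earlier, so next_id(42) would be accepted. */

int sum3(int one, int two, int three) {
    return one + two + three;
}

static int id_counter = 0;
int next_id(void) {
    return ++id_counter;
}

/* A call site that relies on the prototypes above for checking. */
int checked_call(void) {
    return sum3(1, 2, 3);   /* correct arity; returns 6 */
}

int main(void) {
    printf("sum3(1, 2, 3) = %d\n", checked_call());
    printf("first id = %d\n", next_id());
    return 0;
}
```

Build with `gcc -std=c99 -Wall -Werror=implicit-function-declaration` so that any call to an undeclared function is treated as an error rather than a warning; C99 already removed implicit function declarations from the language, but older compilers and lax warning settings still let them through.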

...

gcc 3.4.6, for example, will not allow the non-compliant code above; however, below are reports on how the missing-parameter problem has caused vulnerabilities.

Examples of vulnerabilities, with CVE entry numbers

CVE-2002-1236, CAN-2003-0422 - CGI crashes when called without any arguments

...

CAN-2002-0596 - GET request with empty parameter leads to error message infoleak (path disclosure)

Risk Assessment

    Rule   Severity    Likelihood  Remediation Cost  Priority  Level
    DRAFT  2 (medium)  3 (likely)  2 (medium)        P12       L1

References