Failure to specify function prototypes results in a function being implicitly declared. Without a function prototype, the compiler assumes that the correct number of arguments has been supplied to a function. Calling a function with a different number of arguments than that function expects results in unintended program behavior.

Compilers typically issue a warning when a function is implicitly declared. Although these warnings should be resolved before proceeding [MSC00-A. Compile cleanly at high warning levels], they will not prevent the program from compiling.

Non-Compliant Code Example

#include <stdio.h>

int main(void) {
  function(1, 2); // no prototype in scope: implicitly declared, argument count is not checked
  return 0;
}

int function(int one, int two, int three){
  printf("%d %d %d", one, two, three);
  return 1;
}

Solution: Use function prototypes at the top of the .c file or in a .h file so that a compiler error occurs if an incorrect number of arguments is used.

Compliant Solution

#include <stdio.h>

int function(int,int,int); //at top of file or in .h file

int main(void) {
  function(1,2); //compiler error: too few arguments for the prototype
  return 0;
}

int function(int one, int two, int three){
  printf("%d %d %d", one, two, three);
  return 1;
}

Using a compiler setting that checks for implicitly declared functions will also prevent accidentally calling a function before it is declared.
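The compiler-setting check described above, as an added example that is not part of the original page: it writes the noncompliant call to a temporary file (constructed here) and compiles it twice, once in C89 mode where implicit declarations are legal and once with the GCC/Clang option `-Werror=implicit-function-declaration`. The function name `check_implicit_decl`, the file name `noproto.c` and the `CC` default of `cc` are assumptions.

```shell
#!/bin/sh
# Added example. Prints "accepted-then-rejected" when the compiler behaves as
# expected, or "no-compiler" when no C compiler is installed.

check_implicit_decl() {
  cc_bin=${CC:-cc}                      # assumption: cc is GCC or Clang
  command -v "$cc_bin" >/dev/null 2>&1 || { echo "no-compiler"; return 0; }
  dir=$(mktemp -d) || return 1

  # Constructed source: the two-argument call with no prototype in scope.
  cat > "$dir/noproto.c" <<'EOF'
#include <stdio.h>
int main(void) {
  function(1, 2);
  return 0;
}
int function(int one, int two, int three) {
  printf("%d %d %d", one, two, three);
  return 1;
}
EOF

  # C89 mode: the implicit declaration is legal, so the mismatch compiles.
  if "$cc_bin" -std=gnu89 -c "$dir/noproto.c" -o "$dir/lax.o" 2>/dev/null; then
    lax=accepted
  else
    lax=rejected
  fi

  # Same file with the implicit declaration promoted to a hard error.
  if "$cc_bin" -std=gnu89 -Werror=implicit-function-declaration \
       -c "$dir/noproto.c" -o "$dir/strict.o" 2>/dev/null; then
    strict=accepted
  else
    strict=rejected
  fi

  rm -rf "$dir"
  echo "$lax-then-$strict"
}

check_implicit_decl
```

The option stops the build at the call site, but only a prototype in scope makes the compiler check the argument count itself.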

gcc 3.4.6, for example, will not allow the non-compliant code above; however, below are reports of how the missing parameter problem has caused vulnerabilities.

Examples of vulnerabilities with CVE entry number

CVE-2002-1236, CAN-2003-0422 - CGI crashes when called without any arguments

CVE-2002-1531, CAN-2002-1077 - crash in HTTP request without a Content-Length field

CAN-2002-1358 - empty elements/strings in protocol test suite affect many SSH2 servers/clients

CAN-2003-0477 - FTP server crashes in PORT command without an argument

CVE-2002-0107 - resultant infoleak in web server via GET requests without HTTP/1.0 version string

CAN-2002-0596 - GET request with empty parameter leads to error message infoleak (path disclosure)

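Risk Assessment

| Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|------|----------|------------|------------------|----------|-------|
| DRAFT | 2 (medium) | 3 (likely) | 2 (medium) | P12 | L1 |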

References