The C Standard enumerates several instances
...
in which the behavior of accessing an object or function expanded to be a standard library macro definition is undefined.
...
The macros are assert, errno, math_errhandling, setjmp, va_start, va_arg, va_copy, and va_end.
...
These cases are recorded in Annex J, subclause J.2
...
, items 110, 114, 122, 124, and 138
...
.
...
Programmers should never attempt to access anything underlying any of these macros.
Noncompliant Code Example (assert)
...
| Code Block | ||||
|---|---|---|---|---|
| ||||
#include <assert.h>
#include "myassert.h"
void fullAssert(int e) {
assert(e > 0); //* Invoke standard library assert() */
(assert)(e > 0); /*
//* assert() macro suppressed,; calling
* function assert().
*/
}
|
Having this function and attempting to access it produces undefined behavior. It is also a violation of DCL37-C. Do not declare or define a reserved identifier.
...
| Code Block | ||||
|---|---|---|---|---|
| ||||
#include <assert.h>
#include "myassert.h"
void fullAssert(int e) {
assert(e > 0); //* Standard library assert() */
myassert(e > 0); //* Well-defined custom assertion function */
}
|
Noncompliant Code Example (Redefining errno)
...
| Code Block | ||||
|---|---|---|---|---|
| ||||
#include <errno.h> |
C-conforming implementations are implementations are required to declare errno in <errno.h>, although some historic implementations failed to do so.
...
Accessing objects or functions underlying these macros does not produce defined behavior, which may lead to incorrect or unexpected program behavior.
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
MSC38-C | lowLow | unlikelyUnlikely | mediumMedium | P2 | L3 |
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Related Guidelines
Bibliography
| [ISO/IEC 9899:2011] | Annex J, subclause J.2, "Undefined behavior" |
...