...
In this noncompliant example, the function utf8_to_ucs() attempts to convert a sequence of UTF-8 characters to UCS. It first invokes setlocale() to set the global locale to "en_US.UTF-8"setlocale() will fail by returning a null pointer, for example, when the locale is not installed. (The function may fail for other reasons , as well, such as the lack of resources.) Depending on the sequence of characters pointed to by utf8, the subsequent call to mbstowcs() may fail or result in the function storing an unexpected sequence of wide characters in the supplied buffer ucs.
...
In addition to the C standard library functions mentioned earlier, the following functions defined in POSIX require error checking (list is incompletenot all-inclusive).
Function | Successful Return | Error Return |
|
|---|---|---|---|
| Pointer to a |
|
|
| Pointer to a |
|
|
|
| Nonzero | Unchanged |
Setting errno is a POSIX [ISO/IEC 9945:2008] extension to the C Standard. On error, posix_memalign() returns a value that corresponds to one of the constants defined in the <errno.h> header. The function does not set errno. The posix_memalign() function is optional and is not required to be provided by POSIX-conforming implementations.
...
ERR33-EX1: Ignore the return value of a function that cannot fail or whose return value cannot signify an error condition need not be diagnosed. For example, strcpy() is one such function.
Return values from the following functions do not need to be checked because their historical use has overwhelmingly omitted error checking, and the consequences are not relevant to security.
...