...
ERR33-C-EX1: It is acceptable to ignore the return value of a function that cannot fail, or a function whose return value is inconsequential, or if an error condition need not be diagnosed. The function's results should be explicitly cast to void to signify programmer intent. Return values from the functions in the following table do not need to be checked because their historical use has overwhelmingly omitted error checking, and the consequences are not relevant to security.
Functions the Return Values of Which Need Not Be Checked
Function | Successful Return | Error Return |
|---|---|---|
| Character written |
|
| Wide character written |
|
| Nonnegative |
|
| Number of characters (nonnegative) | Negative |
| Number of wide characters (nonnegative) | Negative |
kill_dependency() | The input parameter | NA |
memcpy(), wmemcpy() | The destination input parameter | NA |
memmove(), wmemmove() | The destination input parameter | NA |
strcpy(), wcscpy() | The destination input parameter | NA |
strncpy(), wcsncpy() | The destination input parameter | NA |
strcat(), wcscat() | The destination input parameter | NA |
strncat(), wcsncat() | The destination input parameter | NA |
memset(), wmemset() | The destination input parameter | NA |
...