SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 33

changes.mady.by.user Pamela Curtis

Saved on

compared with

New Version 34

changes.mady.by.user David Keaton

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Use of an identifier (within one translation unit) classified as both internally and externally linked causes undefined behavior. A translation unit includes the source file together with its headers and all source files included via the preprocessing directive #include.

Non-Compliant Code Example

In this non-compliant code example, i2 and i5 are defined as having both internal and external linkage. Future use of either identifier results in undefined behavior.

Code Block
bgColor#FFCCCC
int i1 = 10;         /* definition, external linkage */
static int i2 = 20;  /* definition, internal linkage */
extern int i3 = 30;  /* definition, external linkage */
int i4;              /* tentative definition, external linkage */
static int i5;       /* tentative definition, internal linkage */

int i1;              /* valid tentative definition */
int i2;              /* not valid, linkage disagreement with previous */
int i3;              /* valid tentative definition */
int i4;              /* valid tentative definition */
int i5;              /* not valid, linkage disagreement with previous */

int main(void) {
  /* ... */
}

Implementation Details

Both Microsoft Visual Studio 2003 and Microsoft Visual Studio 2005 compile this non-compliant code example without warning even at the highest diagnostic levels. Microsoft Visual Studio 2008 does provide warnings at the default warning level. The GCC compiler generates a fatal diagnostic for the conflicting definitions of i2 and i5.

Compliant Solution

This compliant solution does not include conflicting definitions.

Code Block
bgColor#ccccff
int i1 = 10;         /* definition, external linkage */
static int i2 = 20;  /* definition, internal linkage */
extern int i3 = 30;  /* definition, external linkage */
int i4;              /* tentative definition, external linkage */
static int i5;       /* tentative definition, internal linkage */

int main(void) {
  /* ... */
}

Risk Assessment

Use of an identifier classified as both internally and externally linked causes undefined behavior.

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

DCL36-C

1 (low)

2 (probable)

3 (low)

P6

L2

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

References

Wiki Markup
\[[Banahan 03|AA. C References#Banahan 03]\] [Section 8.2, "Declarations, Definitions and Accessibility"|http://publications.gbdirect.co.uk/c_book/chapter8/declarations_and_definitions.html]
\[[ISO/IEC 9899-1999|AA. C References#ISO/IEC 9899-1999]\] Section 6.2.2, "Linkages of identifiers"
\[[Kirch-Prinz 02|AA. C References#Kirch-Prinz 02]\]
\[[MISRA 04|AA. C References#MISRA 04]\] Rule 5.5, "No object or function identifier with static storage duration should be reused"

...