...
| Code Block | ||
|---|---|---|
| ||
int i1 = 10; /* definition, external linkage */
static int i2 = 20; /* definition, internal linkage */
extern int i3 = 30; /* definition, external linkage */
int i4; /* tentative definition, external linkage */
static int i5; /* tentative definition, internal linkage */
int i1; /* valid tentative definition */
int i2; /* not legal, linkage disagreement with previous */
int i3; /* valid tentative definition */
int i4; /* valid tentative definition */
int i5; /* not legal, linkage disagreement with previous */
int main(void) {
/* ... */
}
|
Implementation Details
Both Microsoft Visual Studio 2003 and Microsoft Visual Studio compile this non-compliant code example without warning even at the highest diagnostic levels. The GCC compiler generates a fatal diagnostic for the conflicting definitions of i2 and i5.
Compliant Solution
This compliant solution does not include conflicting definitions.
| Code Block | ||
|---|---|---|
| ||
int i1 = 10; /* definition, external linkage */
static int i2 = 20; /* definition, internal linkage */
extern int i3 = 30; /* definition, external linkage */
int i4; /* tentative definition, external linkage */
static int i5; /* tentative definition, internal linkage */
int main(void) {
/* ... */
}
|
Risk Assessment
Use of an identifier classified as both internally and externally linked causes undefined behavior. However, it is unlikely that an attacker could exploit this behavior to run arbitrary code.
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
DCL07 DCL36-A C | 1 (low) | 2 (probable) | 3 (low) | P6 | L2 |
...