SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 12

changes.mady.by.user Alex Volkovitsky

Saved on

compared with

New Version 13

changes.mady.by.user Alex Volkovitsky

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

The previous standard of C90 allowed for implicit typing of variables and functions. Since Because implicit declarations lead to less stringent type checking, they can often introduce unexpected and erroneous behavior or even security vulnerabilities.

...

Code Block
bgColor#FFCCCC
int main(void) {
    int c = foo();
    printf("%d\n", c);
    return 0;
}

int foo(int a) {
  return a;
}

Since Because the compiler assumes foo() to have type extern int foo(), it cannot spot the missing argument and a bogus value is printed.

...

Code Block
bgColor#ccccff
int foo(int);

int main(void) {
    int c = foo(0);
    printf("%d\n", c);
    return 0;
}

int foo(int a) {
  return a;
}

Wiki MarkupFor more information on function declarations see \[[DCL07-A. Include the appropriate type information in function declarators]\].

Non-Compliant Code Example (implicit return type)

...

Code Block
bgColor#ffcccc
foo() {
  return UINT_MAX;
}

int main(void) {
  long long c = foo();
  printf("%lld\n", c);
  return 0;
}

Since Because the compiler assumes that foo() returns a value of type int, UINT_MAX is incorrectly converted to -1.

...