If a function is implicitly declared and it is not given enough arguments it will still pop the expected number from the stack. This could cause the program to crash. The function could also be given too many arguments which can cause a buffer overflow.
Non compliant code
| Code Block | ||
|---|---|---|
| ||
function(1, 2);
...
void function(int one, int two, int three){
printf("args %d %d $d, one, two, three);
}
|
...
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
DRAFT | 3 2 (highmedium) | 3 (likely) | 2 (medium) | P18 P12 | L1 |