...
Although the effect of two incompatible declarations simply appearing in the same program may be benign on most implementations, the effects of invoking a function through an expression whose type is incompatible with the function definition are typically catastrophic. Similarly, the effects of accessing an object using an lvalue of a type that is incompatible with the object definition may range from unintended information exposure to memory overwrite to a hardware trap.
| Anchor |
|---|
| Incompatible Object Declarations |
|---|
| Incompatible Object Declarations |
|---|
|
Noncompliant Code Example (Incompatible Object Declarations)
In this noncompliant code example, variable i is declared to have type int in file a.c but defined to be of type short in file b.c. The declarations are incompatible, resulting in undefined behavior undefined behavior 15. Furthermore, accessing the object using an lvalue of an incompatible type as done in function f() results in undefined behavior 37 with possible observable results ranging from unintended information exposure to memory overwrite to a hardware trap.
| Code Block |
|---|
|
/* In a.c */
extern int i; /* UB 15 */
int f(void) {
return ++i; /* UB 37 */
}
/* In b.c */
short i; /* UB 15 */
|
Compliant Solution (Incompatible Object Declarations)
This compliant solution has compatible declarations of the variable i:
| Code Block |
|---|
|
/* In a.c */
extern int i;
int f(void) {
return ++i;
}
/* In b.c */
int i; |
| Anchor |
|---|
| Incompatible Array Declarations |
|---|
| Incompatible Array Declarations |
|---|
|
Noncompliant Code Example (Incompatible Array Declarations)
In this noncompliant code, the variable a is declared to have array type in file a.c but defined to have pointer type in file b.c. The two declarations are incompatible, resulting in undefined behavior 15. As before, accessing the object in function f() results in undefined behavior 37 with the typical effect of triggering a hardware trap.
| Code Block |
|---|
|
/* In a.c */
extern int *a; /* UB 15 */
int f(unsigned i, int x) {
int tmp = a[i]; /* UB 37: read access */
a[i] = x; /* UB 37: write access */
return tmp;
}
/* In b.c */
int a[] = { 1, 2, 3, 4 }; /* UB 15 */
|
Compliant Solution (Incompatible Array Declarations)
This compliant solution declares a as an array in a.c and b.c:
| Code Block |
|---|
|
/* In a.c */
extern int a[];
int f(unsigned i, int x) {
int tmp = a[i];
a[i] = x;
return tmp;
}
/* In b.c */
int a[] = { 1, 2, 3, 4 }; |
| Anchor |
|---|
| Incompatible Function Declarations |
|---|
| Incompatible Function Declarations |
|---|
|
Noncompliant Code Example (Incompatible Function Declarations)
In this noncompliant code example, function f() is declared in file a.c with one prototype but defined in file b.c with another. The two prototypes are incompatible, resulting in undefined behavior 15. Furthermore, invoking the function results in undefined behavior 41 with typically catastrophic effects.
| Code Block |
|---|
|
/* In a.c */
extern int f(int a); /* UB 15 */
int g(int a) {
return f(a); /* UB 41 */
}
/* In b.c */
long f(long a) { /* UB 15 */
return a * 2;
}
|
Compliant Solution (Incompatible Function Declarations)
This compliant solution has compatible declarations of the function f():
| Code Block |
|---|
|
/* In a.c */
extern int f(int a);
int g(int a) {
return f(a);
}
/* In b.c */
int f(int a) {
return a * 2;
} |
| Anchor |
|---|
| Excessively Long Identifiers |
|---|
| Excessively Long Identifiers |
|---|
|
Noncompliant Code Example (Excessively Long Identifiers)
...
Note: The identifier bash_groupname_completion_function referenced here was taken from GNU Bash version 3.2.
Compliant Solution (Excessively Long Identifiers)
In this compliant solution, the length of the identifier declaring the function pointer bash_groupname_completion() in bashline.h is less than 32 characters:
...
