TR 24731-1 provides a mechanism to handle violations of constraints that may only be discerned at runtime. Section 6.1.4 states:
Paragraph 1: Most functions in this technical report include as part of their specification a list of runtime-constraints. These runtime-constraints are requirements on the program using the library.
and
Paragraph 4: The runtime-constraint handler might not return. If the handler does return, the library function whose runtime-constraint was violated shall return some indication of failure as given by the returns section in the function's specification.
...
```c
#define __STDC_WANT_LIB_EXT1__ 1
#include <stddef.h>
#include <string.h>

/* dst1 is a pointer, so sizeof(dst1) would yield the pointer size, not the
 * buffer size; the caller passes the destination size explicitly */
errno_t function(char *dst1, size_t dst1_size) {
  char src1[100] = "hello";

  if (strcpy_s(dst1, dst1_size, src1) != 0) {
    return -1;
  }
  /* ... */
  return 0;
}
```
...
```c
#define __STDC_WANT_LIB_EXT1__ 1
#include <stddef.h>
#include <string.h>

/* Runtime-constraint handler; the parameter list is fixed by TR 24731-1 */
void handle_errors(const char *restrict msg, void *restrict ptr, errno_t error) {
  (void)msg; (void)ptr; (void)error;
  /* define what to do when an error occurs */
}

/* ... */

/* Returns zero on success */
errno_t function(char *dst1, size_t dst1_size) {
  char src1[100] = "hello";

  if (strcpy_s(dst1, dst1_size, src1) != 0) {
    return -1;
  }
  /* ... */
  return 0;
}

int main(void) {
  /* install the handler before any TR 24731-1 function is called */
  set_constraint_handler_s(handle_errors);
  /* ... */
  return 0;
}
```
...
```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Invalid-parameter handler for the Microsoft CRT; its return type is void */
void handle_errors(const wchar_t *expression, const wchar_t *function,
                   const wchar_t *file, unsigned int line, uintptr_t pReserved) {
  (void)expression; (void)function; (void)file; (void)line; (void)pReserved;
  /* define what to do when an error occurs */
}

/* ... */

errno_t function(char *dst1, size_t dst1_size) {
  char src1[100] = "hello";

  if (strcpy_s(dst1, dst1_size, src1) != 0) {
    return -1;
  }
  /* ... */
  return 0;
}

int main(void) {
  _set_invalid_parameter_handler(handle_errors);
  /* ... */
  return 0;
}
```
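To show how the mechanism quoted from section 6.1.4 behaves in practice (the handler is invoked first; if it returns, the library function returns a failure indication that the caller must still check), here is an added, constructed C model of it. It is not code from this page, from TR 24731-1 or from any Annex K implementation: glibc does not ship strcpy_s or set_constraint_handler_s, so the names carry a my_ prefix, the overlap runtime-constraint is left out, and my_counting_handler, copy_greeting and the buffer sizes are illustrative assumptions.

```c
/* Constructed, portable model of the TR 24731-1 runtime-constraint handler
 * mechanism; written for this page, not Annex K itself. */
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

typedef int my_errno_t;
typedef size_t my_rsize_t;
typedef void (*my_constraint_handler_t)(const char *msg, void *ptr, my_errno_t error);

/* Models abort_handler_s: reports the violation and does not return. */
void my_abort_handler(const char *msg, void *ptr, my_errno_t error) {
  (void)ptr;
  fprintf(stderr, "runtime-constraint violation: %s (error %d)\n", msg, error);
  abort();
}

/* Models ignore_handler_s: returns, so the library function must report failure. */
void my_ignore_handler(const char *msg, void *ptr, my_errno_t error) {
  (void)msg; (void)ptr; (void)error;
}

/* Assumed handler that only counts violations, so a caller can observe them. */
static int violations_seen = 0;
void my_counting_handler(const char *msg, void *ptr, my_errno_t error) {
  (void)msg; (void)ptr; (void)error;
  violations_seen++;
}
int my_violations_seen(void) { return violations_seen; }

/* Process-wide handler. The default is implementation-defined in TR 24731-1;
 * this model defaults to aborting. */
static my_constraint_handler_t current_handler = my_abort_handler;

/* Models set_constraint_handler_s: installs a handler and returns the previous
 * one; a NULL argument restores the default. */
my_constraint_handler_t my_set_constraint_handler(my_constraint_handler_t handler) {
  my_constraint_handler_t previous = current_handler;
  current_handler = (handler != NULL) ? handler : my_abort_handler;
  return previous;
}

/* Models strcpy_s: checks its runtime constraints, calls the handler on a
 * violation and, if the handler returns, returns a nonzero errno value.
 * Simplification: the overlap constraint is not checked. */
my_errno_t my_strcpy_s(char *s1, my_rsize_t s1max, const char *s2) {
  if (s1 == NULL) {
    current_handler("my_strcpy_s: s1 is a null pointer", NULL, EINVAL);
    return EINVAL;
  }
  if (s1max == 0) {
    current_handler("my_strcpy_s: s1max is zero", s1, ERANGE);
    return ERANGE;
  }
  /* From here on a violation also empties the destination, as strcpy_s does. */
  if (s2 == NULL) {
    s1[0] = '\0';
    current_handler("my_strcpy_s: s2 is a null pointer", s1, EINVAL);
    return EINVAL;
  }
  size_t len = 0;
  while (len < s1max && s2[len] != '\0') {
    len++;
  }
  if (len == s1max) {  /* no terminator within s1max characters: does not fit */
    s1[0] = '\0';
    current_handler("my_strcpy_s: s2 does not fit in s1", s1, ERANGE);
    return ERANGE;
  }
  memcpy(s1, s2, len + 1);
  return 0;
}

/* Caller in the style of the page's examples: a handler is installed elsewhere,
 * and the return value is still checked because the handler may return. */
int copy_greeting(char *dst1, size_t dst1_size) {
  const char src1[] = "hello";
  if (my_strcpy_s(dst1, dst1_size, src1) != 0) {
    return -1;
  }
  return 0;
}

int main(void) {
  char big[16];
  char small[4];
  my_set_constraint_handler(my_counting_handler);
  int rc_big = copy_greeting(big, sizeof big);
  printf("big:   rc=%d buf=\"%s\"\n", rc_big, big);
  int rc_small = copy_greeting(small, sizeof small);  /* "hello" needs 6 bytes */
  printf("small: rc=%d buf=\"%s\"\n", rc_small, small);
  printf("violations seen: %d\n", my_violations_seen());
  my_set_constraint_handler(NULL);  /* back to the aborting default */
  return 0;
}
```

With the counting handler installed, the copy into the 16-byte buffer succeeds and the copy into the 4-byte buffer returns -1 with the destination emptied and the handler invoked once; installing my_abort_handler instead would end the process at that second call, which is why the caller cannot rely on the handler alone and keeps the return-value check.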
...
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
References
[ISO/IEC TR 24731-1-2007] ISO/IEC TR 24731-1:2007, Extensions to the C Library, Part I: Bounds-checking interfaces.
...