...
The C Standard identifies four distinct situations in which undefined behavior may arise as a result of invoking a function using a declaration that is incompatible with its definition, or with an incorrect number or type of arguments:

| UB | Description |
|----|-------------|
| | A pointer is used to call a function whose type is not compatible with the pointed-to type (6.3.2.3). |
| | For a call to a function without a function prototype in scope, the number of arguments does not equal the number of parameters (6.5.2.2). |
| | For a call to a function without a function prototype in scope where the function is defined with a function prototype, either the prototype ends with an ellipsis or the types of the arguments after promotion are not compatible with the types of the parameters (6.5.2.2). |
| | A function is defined with a type that is not compatible with the type (of the expression) pointed to by the expression that denotes the called function (6.5.2.2). |
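The following is an added example, not code from the CERT page, showing the compliant side of the four situations above: a prototype in scope before any call, a function pointer whose type is compatible with the definition it points to, and a variadic function whose named `count` parameter tells the callee exactly how many arguments of which type were supplied. The function names (`scale`, `call_through_typed_pointer`, `sum_ints`, `sum_three`, `sum_two_from_long`) are assumptions chosen for the illustration.

```c
#include <stdarg.h>
#include <stddef.h>
#include <stdio.h>

/* Prototype in scope before any call, so the compiler checks both the
   number and the types of arguments (the checks 6.5.2.2 relies on). */
static long scale(int value, long factor);

/* Pointer type that is compatible with the definition of scale below
   (6.3.2.3); calls through it are well defined. */
typedef long (*scale_fn)(int, long);

static long scale(int value, long factor) {
    return (long)value * factor;
}

/* Calls scale only through a pointer of compatible type; no cast is
   needed, and a mismatching assignment would be a compile-time error. */
long call_through_typed_pointer(int value, long factor) {
    scale_fn fp = scale;
    return fp(value, factor);
}

/* Variadic function: `count` states how many int arguments follow, so the
   callee never reads past what the caller actually supplied. */
int sum_ints(size_t count, ...) {
    va_list ap;
    int total = 0;
    va_start(ap, count);
    for (size_t i = 0; i < count; i++) {
        total += va_arg(ap, int); /* every argument must really be an int */
    }
    va_end(ap);
    return total;
}

/* Caller passes exactly what it promised: three ints. */
int sum_three(void) {
    return sum_ints(3, 10, 20, 30);
}

/* A long is converted explicitly before being passed, so the type read
   with va_arg(ap, int) matches the type of the argument written. */
int sum_two_from_long(void) {
    long big = 40;
    return sum_ints(2, (int)big, 2);
}

int main(void) {
    printf("%ld\n", call_through_typed_pointer(6, 7L)); /* 42 */
    printf("%d\n", sum_three());                         /* 60 */
    printf("%d\n", sum_two_from_long());                 /* 42 */
    return 0;
}
```

Compile with warnings enabled (for example `-Wall -Wstrict-prototypes` on GCC or Clang) so that a call made without a prototype in scope, or an assignment of an incompatible function pointer, is reported rather than silently accepted.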
...
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Related Guidelines
| Guideline | Reference |
|-----------|-----------|
| CERT C++ Secure Coding Standard | EXP37-CPP. Call variadic functions with the arguments intended by the API |
| ISO/IEC TR 24772 | Subprogram signature mismatch [OTR] |
| ISO/IEC TS 17961 (Draft) | Calling functions with incorrect arguments [argcomp] |
| MISRA-C | Rule 16.6 (required): The number of arguments passed to a function shall match the number of parameters |
| MITRE CWE | CWE-628, Function call with incorrectly specified arguments |
Bibliography
| Reference | Entry |
|-----------|-------|
| [CVE] | CVE-2006-1174 |
| [ISO/IEC 9899:2011] | Section 6.3.2.3, "Pointers" |
| [Spinellis 2006] | Section 2.6.1, "Incorrect Routine or Arguments" |
...