Calling a function with incorrect arguments can result in unexpected or unintended program behavior. Conventional functions that are appropriately declared [DCL07-A. Include the appropriate type information in function declarators] will fail compilation if they are supplied with the wrong number or types of arguments.
However, there are cases where supplying the incorrect arguments to a function will only generate compiler warnings. These warnings should be resolved [MSC00-A. Compile cleanly at high warning levels], but they do not prevent program compilation.

Non-Compliant Code Example

The POSIX open() function [Open Group 04] is a variadic function with the following prototype:

int open(const char *path, int oflag, ... );

The open() function accepts a third argument to determine a newly created file's access mode.
If open() is used to create a new file and the third argument is omitted, an unexpected value is used for the access permissions, and the file may be created with unintended access permissions. This omission has been known to lead to vulnerabilities (for instance, CVE-2006-1174).
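
The following C code is an added example, not part of the original rule text. It passes the access mode explicitly when creating a file and then checks the permission bits the file actually received; the helper names create_with_mode() and expected_mode() and the sample file name are assumptions made for illustration.

```c
#include <fcntl.h>
#include <stdio.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Non-compliant form (shown only as a comment): with O_CREAT and no third
 * argument, open() reads a mode that was never passed.
 *
 *     fd = open(path, O_CREAT | O_EXCL | O_WRONLY);
 */

/* create_with_mode() is a hypothetical helper, not from the page. It creates
 * path with an explicit mode and returns the permission bits the new file
 * actually received, or -1 on error (including "file already exists"). */
int create_with_mode(const char *path, mode_t mode)
{
    struct stat st;
    int fd = open(path, O_CREAT | O_EXCL | O_WRONLY, mode);
    if (fd == -1)
        return -1;
    if (fstat(fd, &st) == -1) {
        close(fd);
        unlink(path);
        return -1;
    }
    close(fd);
    return (int)(st.st_mode & 07777);
}

/* Permission bits a create with this mode should yield: the requested bits
 * with the process umask cleared. umask() can only be read by setting it,
 * so the old value is restored immediately (not thread-safe). */
int expected_mode(mode_t mode)
{
    mode_t mask = umask(0);
    umask(mask);
    return (int)(mode & ~mask & 07777);
}

int main(void)
{
    const char *path = "open_mode_example.tmp"; /* constructed sample name */
    int got = create_with_mode(path, S_IRUSR | S_IWUSR);
    printf("requested 0600, got %04o\n", (unsigned)got);
    unlink(path);
    return got == expected_mode(S_IRUSR | S_IWUSR) ? 0 : 1;
}
```

Comparing the result of fstat() with the requested mode is a check that fits in a unit test for any code path that creates files.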

...