Page History

An identifier can be Linkage can make an identifier declared in different scopes or declared multiple times within the same scope refer to the same object or function. Identifiers are classified as externally linked, internally linked, or not - linked. These three kinds of linkage have the following characteristics [Kirch-Prinz 2002]:

• External linkage: An identifier

...

• with external linkage represents the same object or function throughout the entire program, that is, in all compilation units and libraries belonging to the program. The identifier is available to the linker. When a second declaration of the same identifier with external linkage occurs, the linker associates the identifier with the same object or function.

• Internal linkage: An identifier with internal linkage represents the same object or function within a given translation unit. The linker has no information about identifiers with internal linkage. Consequently, these identifiers are internal to the translation unit.

• No linkage: If an identifier has no linkage, then any further declaration using the identifier declares something new, such as a new variable or a new type.

According to the C Standard, 6.2.2 paragraph 3 [ISO/IEC 9899:2024], linkage is determined as follows:

If the declaration of a file scope identifier for:
    - an object contains any of the storage-class specifiers static  or contexpr;

    - or, a function contains the storage-class specifier static,

 then the identifier has internal linkage.

For an identifier declared with the storage-class specifier extern

...

 in a scope in which a prior declaration of that identifier is visible, if the prior declaration specifies internal or external linkage, the linkage of the identifier at the later declaration is the same as the linkage specified at the prior declaration. If no prior declaration is visible, or if the prior declaration specifies no linkage, then the identifier has external linkage.

If the declaration of an identifier for a function

...

has no storage-class specifier

...

, its linkage is determined exactly as if it were declared with the storage-class specifier

...

extern. If the declaration of an identifier for an object has file scope and does not contain the storage-class specifier static

...

An identifier that is classified as not-linked include:

 or contexpr, its linkage is external.

The following identifiers have no linkage: an

...

identifier declared to be anything other than an object or a function

...

; an identifier declared to be a function parameter

...

; a block scope identifier for an object declared without the storage-class specifier extern

...

.

Use of an identifier (within one translational translation unit) classified as both internally and externally linked causes is undefined behavior. (See also undefined behavior 8.) A translational translation unit includes the source file together with its headers , and all source files included via the preprocessing directive #include.

This recommendation is a weaker recommendation than \[[DCL01-A|DCL01-A. Do not reuse variable names in sub-scopes]].

Non-Compliant Code Example

The following table identifies the linkage assigned to an object that is declared twice in a single translation unit. The column designates the first declaration, and the row designates the redeclaration.

Image Added

Noncompliant Code Example

In this noncompliant code example, i2 and i5 are defined as having both internal and external linkage. Future use of either The first declaration of the identifier x is externally linked, while the second declaration is internally linked. Future use of this identifier results in undefined behavior.

int i1 = 10;         /* Definition, external linkage */
static int i2 = 20;  /* Definition, internal linkage */
extern int i3 = 30;  /* Definition, external linkage */
int i4;              /* Tentative definition, external linkage */
static int xi5;       /* externally linked Tentative definition, internal linkage */

int main(void) {
   static int x; /* internally linkedi1;  /* Valid tentative definition */
int i2;  /* Undefined, linkage disagreement with previous */
int i3;  /* Valid tentative definition */
int i4;  /* Valid tentative definition */
int i5;  /* use of identifier x results in undefined behaviorUndefined, linkage disagreement with previous */

int main(void) {
  /* ... */
  return 0;
}

Implementation Details

Microsoft Visual Studio 2013 issues no warnings about this code, even at the highest diagnostic levels.

GCC and Clang 14 both generate fatal diagnostics for the conflicting definitions of i2 and i5.

Compliant Solution

This compliant solution uses different (and more descriptive) identifiers to avoid any conflicts.does not include conflicting definitions:

int i1 = 10;         /* Definition, external linkage */
static int external_xi2 = 20;  /* Definition, externallyinternal linkedlinkage */
extern int main(void) {
   i3 = 30;  /* Definition, external linkage */
int i4;              /* Tentative definition, external linkage */
static int internal_xi5;       /* internally linked Tentative definition, internal linkage */

int main(void) {
  /* we're good to go */... */
  return 0;
}

Risk Assessment

Use of an identifier classified as both internally and externally linked causes is undefined behavior. However, it would be highly unlikely that an attacker could exploit this behavior to run arbitrary code.

Automated Detection

Related Vulnerabilities

Search for Examples of vulnerabilities resulting from the violation of this rule can be found on the CERT website.

Related Guidelines

Key here (explains table format and definitions)

...

Bibliography

References

...

...

...

...

...

...

Image Added Image Added Image Added identifiers"