C99 removed implicit function declarations from the C language [[ISO/IEC9899-1999]]. However, compilers will typically still compile programs that call implicitly declared functions, although they will issue a warning. These warnings should be resolved [[MSC00-A]], but they will not prevent program compilation.
Failure to specify a function prototype results in the function being implicitly declared. Without a function prototype, the compiler will assume that the correct number and type of parameters have been supplied to the function. This can result in undefined, and perhaps unintended, behavior. Given this, functions should always be declared with the appropriate function prototype.
Non-Compliant Code Example 1
In this example, the definition of func() expects three parameters but is supplied only two. However, because there is no prototype for func(), the compiler assumes that the correct number of parameters has been supplied, and uses the next value on the program stack as the missing third parameter.

```c
#include <stdio.h>

int main(void) {
  func(1, 2);  /* no prototype in scope: func() is implicitly declared */
  return 0;
}

int func(int one, int two, int three) {
  printf("%d %d %d", one, two, three);
  return 1;
}
```
Compliant Solution 1
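To correct this example, the appropriate function prototype for func() should be specified.

```c
#include <stdio.h>

int func(int, int, int);  /* prototype visible before the first call */

int main(void) {
  /* With the prototype in scope the compiler rejects func(1, 2),
     so the call must pass all three arguments. */
  func(1, 2, 3);
  return 0;
}

int func(int one, int two, int three) {
  printf("%d %d %d", one, two, three);
  return 1;
}
```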
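Because the warning alone does not stop compilation, a build can be made to fail on it instead. The script below is an added example, not part of the original page: it syntax-checks two constructed files modelled on the func() example with the GCC/Clang option `-Werror=implicit-function-declaration`. The helper names `check_prototypes` and `write_samples`, the file names, and the `$CC` default are assumptions made for the illustration.

```sh
#!/bin/sh
# Added example: fail the build when a function is called without a prototype.
# Assumption: $CC (default cc) is a GCC- or Clang-compatible compiler.
CC=${CC:-cc}

# Syntax-check one file; an implicit function declaration becomes a hard error.
# Diagnostics are discarded here; drop the redirect to read them.
# Returns the compiler's exit status (0 = every call had a declaration in scope).
check_prototypes() {
  "$CC" -std=c99 -fsyntax-only -Werror=implicit-function-declaration "$1" 2>/dev/null
}

# Write two constructed sources modelled on the page's func() example.
write_samples() {
  cat > "$1/noncompliant.c" <<'EOF'
#include <stdio.h>
int main(void) { func(1, 2); return 0; }   /* no prototype in scope */
int func(int one, int two, int three) {
  printf("%d %d %d", one, two, three);
  return 1;
}
EOF
  cat > "$1/compliant.c" <<'EOF'
#include <stdio.h>
int func(int, int, int);                   /* prototype before first use */
int main(void) { func(1, 2, 3); return 0; }
int func(int one, int two, int three) {
  printf("%d %d %d", one, two, three);
  return 1;
}
EOF
}

dir=$(mktemp -d)
write_samples "$dir"
for name in noncompliant compliant; do
  if check_prototypes "$dir/$name.c"; then
    echo "$name.c: accepted"
  else
    echo "$name.c: rejected"
  fi
done
rm -rf "$dir"
```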
Non-Compliant Code Example 2
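```c
#include <stdio.h>

int main(void) {
  func(1, 2);  /* no prototype in scope: func() is implicitly declared */
  return 0;
}

int func(int one, int two, int three) {
  printf("%d %d %d", one, two, three);
  return 1;
}
```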
Examples of vulnerabilities with CVE entry number
CVE-2002-1236, CAN-2003-0422 - CGI crashes when called without any arguments
CVE-2002-1531, CAN-2002-1077 - crash in HTTP request without a Content-Length field
CAN-2002-1358 - empty elements/strings in protocol test suite affect many SSH2 servers/clients
CAN-2003-0477 - FTP server crashes in PORT command without an argument
CVE-2002-0107 - resultant infoleak in web server via GET requests without HTTP/1.0 version string
CAN-2002-0596 - GET request with empty parameter leads to error message infoleak (path disclosure)
Risk Assessment
| Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
| DRAFT | 2 (medium) | 3 (likely) | 2 (medium) | P12 | L1 |
References
- ISO/IEC 9899 Common Warnings 2