SEI CERT C Coding Standard

Space shortcuts

Page tree

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 35 Next »

Failure to specify function prototypes results in a function being implicitly defined. Without a function prototype, the compiler will assume the the correct number and type of parameters have been supplied to a function. This can result in undefined, and perhaps unintended behavior. Given this, functions should always be declared with the appropriate function prototype.

C99 eliminated implicit function declarations from the C language [[ISO/IEC9899-1999]]. However, many compilers allow compilation of programs containing implicitly defined functions, although they may issue a warning message. These warnings should be resolved [[MSC00-A]], but do not prevent program compilation.

Non-Compliant Code Example 1

In this example, the definition of func() expects three parameters but is supplied only two. However, because there is no prototype for func(), the compiler assumes that the correct number of arguments has been supplied, and uses the next value on the program stack as the missing third argument.

function(1, 2);
...
int func(int one, int two, int three){
  printf("%d %d %d", one, two, three);
  return 1;
}

Compliant Solution 1

To correct this example, the appropriate function prototype for func() should be specified.

int function(int, int, int);
...

function(1,2);
...
int func(int one, int two, int three){
  printf("%d %d %d", one, two, three);
  return 1;
}

Non-Compliant Code Example 2

The following example is based on rule [[MEM02-A]]. The header file stdlib.h contains the function prototype for malloc(). Failing to include stdlib.h causes malloc() to be implicitly defined.

char *p = malloc(10);

Compliant Solution 2

including stdlib.h ensures the function prototype for malloc() is declared.

#include <stdlib.h>
...
char *p = malloc(10);

Risk Assessment

Failure to specify function prototypes can result in undefined, and perhaps unintended program behavior.

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

DCL31-C.

1 (low)

1 (unlikely)

3 (low)

P3

L3

Examples of vulnerabilities resulting from the violation of this rule can be found on the CERT website.

References

  • [[ISO/IEC9899-1999]] Forward
    [[MEM02-A]], [[MSC00-Ahttps://www.securecoding.cert.org/confluence/display/seccode/MSC00-A.+Compile+cleanly+at+high+warning+levels]]

  • No labels