The C99 standard defines modifying the result of a function call or accessing it after the next sequence point as undefined behavior.
The C11 standard The C Standard [ISO/IEC 9899:2011] defines modifying an object with temporary lifetime results as undefined behavior. This definition differs from the C99 standard Standard (which defines modifying the result of a function call or accessing it after the next sequence point as undefined behavior) because a temporary object's lifetime ends when the evaluation containing the full expression or full declarator ends, so the result of a function call can be accessed.
C functions may not return arrays; however, they may return structs structs or unions that contain arrays. Consequently, if a function call's return value contains an array, that array should never be modified within the expression containing the function call. In C99, it should also never be accessed.
...
Note that the behavior of this code in C11 the C Standard [ISO/IEC 9899:2011] is defined, because the lifetime of temporary objects extends to the full expression containing it.
...
This code compiles cleanly and runs without error under Microsoft Visual C++ Version 8.0. On the GCC Compiler Version compiler version 4.2, the program compiles with a warning when the -Wall switch is used, and execution on Linux results in a segmentation fault. However, if the flag --std=c99 is passed to the GCC compiler, the program compiles with no warning and runs with no error.
...
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Related Guidelines
| ISO/IEC TR 24772 | Dangling references to stack frames [DCM] and Side-effects and order of evaluation [SAM] |
|---|
Bibliography
| [ISO/IEC 9899:1999] | Section 6.5.2.2, "Function |
...
| Calls" |
| [ISO/IEC 9899:2011 |
...
| ] | Section 6.5.2.2, "Function |
...
ISO/IEC TR 24772 "DCM Dangling references to stack frames" and "SAM Side-effects and order of evaluation"
...
| Calls" |
...