...
In this example, void is explicitly specified as a parameter. If the caller calls foo(3) again, a warning message will be issued as follows:
| Code Block | ||
|---|---|---|
| ||
error: too many arguments to function â€⃜foo’ |
Because it is an error message, the programmer can not ignore it and thus previous belief regarding the interface can be rectified.
Noncompliant Code Example (information outflow)
| Code Block | ||
|---|---|---|
| ||
/* compile using gcc4.3.3 */
void foo () {
/* use asm code to retrieve i
* implicitly from caller
* and transfer it to a less privilege file */
}
...
/* caller */
foo(i); /* i is fed from user input */
|
...