Related functions, such as those that make up a library, should provide consistent and usable interfaces. Ralph Waldo Emerson might have said, "A foolish consistency is the hobgoblin of little minds," but inconsistencies in functional interfaces or behavior can lead to erroneous use, so we understand this to be a "wise consistency." One aspect of providing a consistent interface is to provide a consistent and usable error-checking mechanism. For more information, see API04-C. Provide a consistent and usable error-checking mechanism.
...
It is not necessary to go beyond the standard C library to find examples of inconsistent interfaces: the standard library is a fusion of multiple libraries with various styles and levels of rigor. For example, the fputs() defined in the C Standard, Section subclause 7.21.7.4, is closely related to the fprintf() defined in Section subclause 7.21.6.1. However, fputs()'s file handle is at the end, and fprintf()'s is at the beginning, as shown by their function declarations.:
| Code Block | ||||
|---|---|---|---|---|
| ||||
int fputs(const char * restrict s, FILE * restrict stream); int fprintf(FILE * restrict stream, const char * restrict format, ...); |
...
| Code Block | ||||
|---|---|---|---|---|
| ||||
#include <stdio.h> #define fputs(X,Y) fputs(Y,X) |
However, according to Section 7to subclause 7.1.3 of the C Standard, the behavior of a program that defines a symbol, including a macro, with the same name as that of a standard library function, type, macro, or other reserved identifier , is undefined.
Using inconsistent interfaces makes the code difficult to read, for example, by causing confusion when moving between code that follows this convention and code that does not. In effect, it becomes impossible to modify an interface once that interface has been broadly adopted. Consequently, it is important to get the interface design right the first time.
...
| Code Block | ||||
|---|---|---|---|---|
| ||||
/* initializationInitialization of Pthreadpthread attribute objects */ int pthread_condattr_init(pthread_condattr_t *); int pthread_mutexattr_init(pthread_mutexattr_t *); int pthread_rwlockattr_init(pthread_rwlockattr_t *); ... /* initializationInitialization of Pthreadpthread objects using attributes */ int pthread_cond_init(pthread_cond_t * restrict, const pthread_condattr_t * restrict); int pthread_mutex_init(pthread_mutex_t * restrict, const pthread_mutexattr_t * restrict); int pthread_rwlock_init(pthread_rwlock_t * restrict, const pthread_rwlockattr_t * restrict); ... |
...
Failure to maintain consistency in interfaces and capabilities across functions can result in type errors in the program.
Rule | Severity | Likelihood | Detectable |
|---|
Repairable | Priority | Level |
|---|---|---|
API03-C |
Medium | Unlikely |
No |
No |
P2 | L3 |
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Automated Detection
Tool | Version | Checker | Description |
|---|
Related Guidelines
...
Key here (explains table format and definitions)
Taxonomy | Taxonomy item | Relationship |
|---|---|---|
| ISO/IEC 9945:2003 | Prior to 2018-01-12: CERT: Unspecified Relationship | |
| ISO/IEC 23360-1:2006 |
...
| Prior to 2018-01-12: CERT: Unspecified Relationship | |
| ISO/IEC |
...
| TR 24731-2 | Prior to 2018-01-12: CERT: Unspecified Relationship | |
| MISRA C:2012 | Rule |
...
Sources
...
| 21.3 (required) | Prior to 2018-01-12: CERT: Unspecified Relationship | |
| MISRA C:2012 | Directive 4.12 (required) | Prior to 2018-01-12: CERT: Unspecified Relationship |
Bibliography
...
| 2013] | Chapter 2, "Strings" |
| [VMware 2007] | VIX API Version 1.1.1 (for Workstation 6.0.1) Release Notes |
...