...
Noncompliant Code Example (NULL)
The C Standard allows NULL to be either an integer constant or a pointer constant, so any architecture in which int is not the same size as a pointer might present a particular vulnerability with variadic functions. While passing NULL as an argument to a function with a fixed number of arguments will cause NULL to be converted to the appropriate pointer type, this will not happen when it is passed as a variadic argument. If NULL is defined as an int on such a platform, then sizeof(NULL) != sizeof(void *), so variadic functions that accept an argument of pointer type will not correctly promote NULL to the correct size.
This is possible for several reasons:
- Pointers and ints may have different sizes on a platform where NULL is an integer constant
- The platform may have different pointer types with different sizes. In that case, if NULL is a void pointer, it is the same size as a pointer to char (C11 section 6.2.5, paragraph 28), which might be sized differently than the required pointer type.
On either such platform, the following code will have undefined behavior:
```c
char* string = NULL;
printf("%s %d\n", string, 1);
```
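The same hazard arises when NULL itself is written as a variadic argument, for example as a list terminator. The following is an added example, not code from the original page; `total_length`, `null_matches_pointer_size` and `demo_compliant` are hypothetical names. It shows the explicit cast that gives the sentinel the pointer type `va_arg` expects:

```c
#include <stdarg.h>
#include <stddef.h>
#include <string.h>

/* Hypothetical helper: sums the lengths of a list of strings that is
 * terminated by a null pointer of type const char *. */
size_t total_length(const char *first, ...)
{
    size_t total = 0;
    va_list ap;

    va_start(ap, first);
    /* va_arg fetches each argument as a const char *, so the caller must
     * have passed an object of that type, the sentinel included. */
    for (const char *s = first; s != NULL; s = va_arg(ap, const char *)) {
        total += strlen(s);
    }
    va_end(ap);
    return total;
}

/* Reports whether this implementation's NULL occupies the same number of
 * bytes as a void pointer. A result of 0 means a bare NULL passed as a
 * variadic argument has the wrong size for a pointer parameter. */
int null_matches_pointer_size(void)
{
    return sizeof(NULL) == sizeof(void *);
}

/* Compliant call: the sentinel is cast, so it is a const char * on every
 * platform regardless of how NULL is defined. */
size_t demo_compliant(void)
{
    return total_length("var", "iadic", (const char *)NULL);
}

/* Noncompliant form, kept as a comment because its behavior is undefined
 * where NULL is an int or a differently sized pointer:
 *     total_length("var", "iadic", NULL);
 */
```
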
...