Do not define a modifiable object with static or thread storage duration in an external inline function, or reference an identifier with internal linkage. The C Standard, subclause 6.7.4 paragraph 3, says:
An inline definition of a function with external linkage shall not contain a definition of a modifiable object with static or thread storage duration, and shall not contain a reference to an identifier with internal linkage.
Noncompliant Code Example (Internal Linkage)
This code refers to a file scope static variable, which has internal linkage, inside an external inline function:
static int I = 12;
extern inline void func(int a) {
int b = a * I;
/* ... */
}
Compliant Solution (Internal Linkage)
This compliant solution omits the static qualifier; consequently, the variable I has external linkage by default.
int I = 12;
extern inline void func(int a) {
int b = a * I;
/* ... */
}
Noncompliant Code Example (Modifiable Static)
This noncompliant code example defines a modifiable static variable within an extern inline function.
extern inline void func(void) {
static int I = 12;
/* Perform calculations which may modify I */
}
Compliant Solution (Modifiable Static)
This compliant solution removes the static keyword from the local variable definition. If the modifications to I must be retained between invocations of func(), it must be declared at file scope so that it will be defined with external linkage.
extern inline void func(void) {
int I = 12;
/* Perform calculations which may modify I */
}
Risk Assessment
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
DCL41-C | Low | Unlikely | Medium | P2 | L3 |
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Bibliography
| [ISO/IEC 9899:2011] | Subclause 6.7.4, "Function Specifiers" |