An application programming interface (API) specifies how a function is intended to be called. Calling a function with incorrect arguments can result in unexpected or unintended program behavior. Functions that are appropriately declared \[[DCL07-A. Include the appropriate type information in function declarators]\] will typically fail compilation if they are supplied with the wrong number or types of arguments. However, there are cases where supplying the incorrect arguments to a function will at best generate compiler warnings. These warnings should be resolved \[[MSC00-A. Compile cleanly at high warning levels]\], but do not prevent program compilation. |
In this example, the function pointer fp
is used to refer to the function strchr()
. However, fp
is declared without a function prototype. As a result there is no type checking performed on the call to fp(12,2);
.
#include <stdio.h> #include <string.h> char *(*fp) (); int main(void) { char *c; fp = strchr; c = fp(12, 2); printf("%s\n", c); } |
Declaring fp
with a function prototype corrects this example.
#include <string.h> char *(*fp) (char const *, int); int main(void) { char *c; fp = strchr; c = fp("Hello",'H'); printf("%s\n", c); } |
The POSIX function {{open()}} \[[Open Group 04|AA. C References#Open Group 04]\] is a variadic function with the following prototype: |
int open(char const *path, int oflag, ... ); |
The {{open()}} function accepts a third argument to determine a newly created file's access mode. If {{open()}} is used to create a new file and the third argument is omitted, the file may be created with unintended access permissions \[[FIO06-A. Create files with appropriate access permissions]\]. |
In this non-compliant code example from a vulnerability in the useradd()
function of the shadow-utils
package CVE-2006-1174 , the third argument to open()
has been accidentally omitted.
fd = open(ms, O_CREAT|O_EXCL|O_WRONLY|O_TRUNC); |
To correct this example, a third argument is specified in the call to open()
.
/* ... */ int fd = open(file_name, O_CREAT | O_WRONLY, file_access_permissions); if (fd == -1){ /* Handle Error */ } /* ... */ |
Calling a function with incorrect arguments can result in unexpected or unintended program behavior.
Rule |
Severity |
Likelihood |
Remediation Cost |
Priority |
Level |
---|---|---|---|---|---|
EXP37-C |
1 (low) |
1 (unlikely) |
3 (low) |
P3 |
L3 |
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
\[[ISO/IEC 9899-1999|AA. C References#ISO/IEC 9899-1999]\] Forward, Section 6.9.1, "Function definitions" \[[Spinellis 06|AA. C References#Spinellis 06]\] Section 2.6.1, "Incorrect Routine or Arguments" |
EXP36-C. Do not convert pointers into more strictly aligned pointer types 03. Expressions (EXP) EXP38-C. Do not call offsetof() on bit-field members or invalid types