CWE Rule 754
Description
Rule Description
The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product.
Polyspace Implementation
The rule checker checks for Returned value of a sensitive function not checked.
Examples
Returned value of a sensitive function not checked
This issue occurs when you call sensitive standard functions that return information about possible errors and you do one of the following:
Ignore the return value.
You simply do not assign the return value to a variable, or explicitly cast the return value to
void
.Use an output from the function (return value or argument passed by reference) without testing the return value for errors.
The checker considers a function as sensitive if the function call is prone to failure because of reasons such as:
Exhausted system resources (for example, when allocating resources).
Changed privileges or permissions.
Tainted sources when reading, writing, or converting data from external sources.
Unsupported features despite an existing API.
The checker only considers functions where the return value indicates if the function completed without errors.
Some of these functions can perform critical tasks such as:
Set privileges (for example,
setuid
)Create a jail (for example,
chroot
)Create a process (for example,
fork
)Create a thread (for example,
pthread_create
)Lock or unlock mutex (for example,
pthread_mutex_lock
)Lock or unlock memory segments (for example,
mlock
)
If you do not check the return value of functions that perform sensitive tasks and indicate error information through their return values, your program can behave unexpectedly. Errors from these functions can propagate throughout the program causing incorrect output, security vulnerabilities, and possibly system failures.
Before continuing with the program, test the return value of critical sensitive functions.
For sensitive functions that are not critical, you can explicitly ignore a return value by
casting the function to void
. Polyspace® does not raise this defect for sensitive functions cast to void. This
resolution is not accepted for critical sensitive functions
because they perform more vulnerable tasks.
#include <pthread.h> #include <string.h> #include <stddef.h> #include <stdio.h> void initialize() { pthread_attr_t attr; pthread_attr_init(&attr);//Noncompliant //Noncompliant } int read_file(int argc, char *argv[]) { FILE *in; if (argc != 2) { /* Handle error */ } in = fmemopen (argv[1], strlen (argv[1]), "r"); return 0; //Noncompliant //Noncompliant }
This example shows calls to the sensitive POSIX functions
pthread_attr_init
and fmemopen
. Their return
values are ignored, causing defect.
(void)
One possible correction is to cast the function to void. This fix informs Polyspace and any reviewers that you are explicitly ignoring the return value of the sensitive function.
#include <pthread.h> #include <string.h> #include <stddef.h> #include <stdio.h> void initialize() { pthread_attr_t attr; (void)pthread_attr_init(&attr);//Compliant } int read_file(int argc, char *argv[]) { FILE *in; if (argc != 2) { /* Handle error */ } (void)fmemopen (argv[1], strlen (argv[1]), "r"); //Compliant return 0; }
One possible correction is to test the return value of
pthread_attr_init
and fmemopen
to check for
errors.
#include <pthread.h> #include <string.h> #include <stddef.h> #include <stdio.h> void initialize() { pthread_attr_t attr; int result = pthread_attr_init(&attr);//Compliant if(result != 0){ //Handle fatal error } } int read_file(int argc, char *argv[]) { FILE *in; if (argc != 2) { /* Handle error */ } in = fmemopen (argv[1], strlen (argv[1]), "r"); if (in==NULL){ // Handle error } return 0;//Compliant }
#include <pthread.h> extern void *start_routine(void *); void returnnotchecked() { pthread_t thread_id; pthread_attr_t attr; void *res; (void)pthread_attr_init(&attr); (void)pthread_create(&thread_id, &attr, &start_routine, ((void *)0)); //Noncompliant pthread_join(thread_id, &res); //Noncompliant }
In this example, two critical functions are called: pthread_create
and pthread_join
.
The return value of the pthread_create
is ignored
by casting to void, but because pthread_create
is
a critical function (not just a sensitive function), Polyspace does
not ignore this Return value of a sensitive function not
checked defect. The other critical function, pthread_join
,
returns value that is ignored implicitly. pthread_join
uses
the return value of pthread_create
, which was not
checked.
The correction for this defect is to check the return value of these critical functions to verify the function performed as expected.
#include <pthread.h> #include <stdlib.h> #define fatal_error() abort() extern void *start_routine(void *); void returnnotchecked() { pthread_t thread_id; pthread_attr_t attr; void *res; int result; (void)pthread_attr_init(&attr); result = pthread_create(&thread_id, &attr, &start_routine, NULL); if (result != 0) { /* Handle error */ fatal_error(); } result = pthread_join(thread_id, &res); if (result != 0) { /* Handle error */ fatal_error(); } }
Check Information
Category: Others |
Version History
Introduced in R2024a
See Also
External Websites
MATLAB Command
You clicked a link that corresponds to this MATLAB command:
Run the command by entering it in the MATLAB Command Window. Web browsers do not support MATLAB commands.
Select a Web Site
Choose a web site to get translated content where available and see local events and offers. Based on your location, we recommend that you select: .
You can also select a web site from the following list
How to Get Best Site Performance
Select the China site (in Chinese or English) for best site performance. Other MathWorks country sites are not optimized for visits from your location.
Americas
- América Latina (Español)
- Canada (English)
- United States (English)
Europe
- Belgium (English)
- Denmark (English)
- Deutschland (Deutsch)
- España (Español)
- Finland (English)
- France (Français)
- Ireland (English)
- Italia (Italiano)
- Luxembourg (English)
- Netherlands (English)
- Norway (English)
- Österreich (Deutsch)
- Portugal (English)
- Sweden (English)
- Switzerland
- United Kingdom (English)
Asia Pacific
- Australia (English)
- India (English)
- New Zealand (English)
- 中国
- 日本Japanese (日本語)
- 한국Korean (한국어)