FUNCRET.IMPLICIT

Non-void function implicitly returning int doesn't return value

The FUNCRET.IMPLICIT checker finds paths in implicitly 'int' functions that don't have a return statement.

Vulnerability and risk

Functions without an explicit return type should return an integer value. If there is an attempt to read a return code in the cases with no return statement, it will be uninitialized.

Vulnerable code example

1  foo(char ** param){
2    char * x = malloc(1);
3    free(x);
4    bar(&x);
5  }

Klocwork flags line 5, indicating that the implicitly 'int' function 'foo' has no return statement.