CXX.ERRNO.NOT_CHECKED

Errno condition check is missing after calling library function

The CXX.ERRNO.NOT_CHECKED checker flags cases where the value of errno is not checked after calling a library function that sets its value.

Vulnerability and risk

The value of errno may be set from any previous call of library function. Not checking the value of errno after calling a library function that sets its value can lead to the incorrect execution of code.

Mitigation and prevention

Always check the value or errno after calling any library function that sets its value.

Vulnerable code example 1

Copy
  #include <errno.h>
  #include <limits.h>
  #include <stdlib.h>
    
  void func(const char *c_str) {
    unsigned long number;
    char *endptr;
     
    errno=0;
   number = strtoul(c_str, &endptr, 0);
 }

In this noncompliant example, the code fails to check the value of errno after invoking strtoul(). If an error occurs, strtoul() returns a valid value (ULONG_MAX), so errno is the only means of determining if strtoul() ran successfully.

Fixed code example 1

Copy
  #include <errno.h>
  #include <limits.h>
  #include <stdlib.h>
    
  void func(const char *c_str) {
    unsigned long number;
    char *endptr;
    
    errno = 0;
   number = strtoul(c_str, &endptr, 0);
   if (errno == ERANGE) {
     /* Handle error */
   } else {
     /* Computation succeeded */
   }
 }

In this fixed example, the code checks the value of errno after the call to strtoul().

Vulnerable code example 2

Copy
  #include <errno.h>
  #include <stdio.h>
    
  void func(const char *filename) {
    FILE *fileptr;
   
    errno = 0;
    fileptr = fopen(filename, "rb");
    if (errno != 0) {
     /* Handle error */
   }
 }

In this noncompliant example, the code may fail to diagnose errors because fopen() may not set the value of errno even if an error occurs.

Fixed code example 2

Copy
  #include <stdio.h>
    
  void func(const char *filename) {
    FILE *fileptr = fopen(filename, "rb");
    if (fileptr == NULL)  {
      /* An error occurred in fopen() */
    }
  }

The C Standard makes no mention of errno when describing fopen(). In this fixed example, the code uses the results of the call to fopen() to determine failure and does not check the value of errno.

Extension

This checker can be extended through the Klocwork knowledge base (KBs). See Tuning C/C++ analysis for more information.