SV.RVT.RETVAL_NOTTESTED
Ignored return value
It's important to check return values to ensure that functions were successful, since ignoring exceptions and error conditions may allow an attacker to introduce unexpected behavior. The SV.RVT.RETVAL_NOTTESTED checker reports ignored return value codes for the following functions:
function | return values to check |
---|---|
socket | -1, 0 |
recv | 0, -1 |
pthread_mutex_destroy | 0 |
pthread_mutex_lock | 0 |
pthread_mutex_trylock | 0 |
pthread_mutex_unlock | 0 |
pthread_mutex_timedlock | 0 |
pthread_mutex_getprioceiling | 0 |
pthread_mutex_setprioceiling | 0 |
pthread_cond_init | 0 |
pthread_cond_destroy | 0 |
pthread_cond_wait | 0 |
pthread_cond_timedwait | 0 |
pthread_cond_broadcast | 0 |
pthread_rwlock_init | 0 |
pthread_rwlock_destroy | 0 |
pthread_rwlock_rdlock | 0 |
pthread_rwlock_tryrdlock | 0 |
pthread_rwlock_timedrdlock | 0 |
pthread_rwlock_wrlock | 0 |
pthread_rwlock_trywrlock | 0 |
pthread_rwlock_timedwrlock | 0 |
pthread_rwlock_unlock | 0 |
pthread_rwlockattr_init | 0 |
pthread_rwlockattr_destroy | 0 |
pthread_spin_init | 0 |
pthread_spin_destroy | 0 |
pthread_spin_lock | 0 |
pthread_spin_trylock | 0 |
pthread_spin_unlock | 0 |
pthread_barrier_init | 0 |
pthread_barrier_destroy | 0 |
Vulnerability and risk
These vulnerabilities typically occur when the software doesn't check for unusual or exceptional conditions that aren't expected to happen frequently. However, attackers may use these conditions to trigger unusual actions, introducing instability, incorrect behavior, or vulnerability. Even if there's no attack, bad data can be used in operations if the return value isn't checked, possibly leading to incorrect program flow, violation of data integrity, or application failure.
Mitigation and prevention
Add validation of return value and code to handle exceptional cases, making sure that there are mechanisms for checking and handling unusual or unexpected conditions. To ensure that exceptions are handled by the code, identify error conditions by running the program under low memory conditions or with insufficient privileges, interrupting a transaction, or disabling connectivity to network services.
Vulnerable code example
#include <pthread.h>
int foo() {
pthread_cond_t cond;
int res;
res = pthread_cond_init(&cond, NULL);
return 0;
}
Klocwork produces an issue report at line 6, indicating that the return value of 'pthread_cond_init' is not compared with 0. When a return value isn't checked, unexpected program behavior can occur.
Fixed code example
#include <pthread.h>
int foo() {
pthread_cond_t cond;
int res;
res = pthread_cond_init(&cond, NULL);
if (res != 0) return 1;
return 0;
}
In the fixed example, there is a check at line 7 for the return value.
External guidance
- CERT ERR33-C: Detect and handle standard library errors
- CERT EXP12-C: Do not ignore values returned by functions
- CERT POS54-C: Detect and handle POSIX library errors
- CWE-252: Unchecked Return Value
- CWE-253: Incorrect Check of Function Return Value
- CWE-390: Detection of Error Condition Without Action
- CWE-391: Unchecked Error Condition
- CWE-754: Improper Check for Unusual or Exceptional Conditions
- STIG-ID: APP3120 Application has error handling vulnerabilities
Security training
Application security training materials provided by Secure Code Warrior.