CWARN.NULLCHECK.FUNCNAME

Ineffective function address check

The CWARN.NULLCHECK.FUNCNAME checker finds instances in which a function address is directly compared to 0.

Vulnerability and risk

Function addresses never equal 0, so comparing them with 0 is either always false or always true. Such comparisons have no effect, so it's probable that design intent isn't being accomplished.

Vulnerable code example

Copy
  void foo() {
  }
  
  void bar() {
    if (foo != 0)  
      return;
  }

Klocwork flags line 5, in which the function name foo is being compared to 0.

Security training

Application security training materials provided by Secure Code Warrior.