CXX.ERRNO.NOT_CHECKED
Errno condition check is missing after calling library function
The CXX.ERRNO.NOT_CHECKED checker flags cases where the value of errno is not checked after calling a library function that sets its value.
Vulnerability and risk
The value of errno may be set from any previous call of library function. Not checking the value of errno after calling a library function that sets its value can lead to the incorrect execution of code.
Mitigation and prevention
Always check the value or errno after calling any library function that sets its value.
Vulnerable code example
#include <errno.h>
#include <limits.h>
#include <stdlib.h>
void func(const char *c_str) {
unsigned long number;
char *endptr;
errno=0;
number = strtoul(c_str, &endptr, 0);
}
In this noncompliant example, the code fails to check the value of errno after invoking strtoul(). If an error occurs, strtoul() returns a valid value (ULONG_MAX), so errno is the only means of determining if strtoul() ran successfully.
Fixed code example
#include <errno.h>
#include <limits.h>
#include <stdlib.h>
void func(const char *c_str) {
unsigned long number;
char *endptr;
errno = 0;
number = strtoul(c_str, &endptr, 0);
if (errno == ERANGE) {
/* Handle error */
} else {
/* Computation succeeded */
}
}
In this fixed example, the code checks the value of errno after the call to strtoul().
Extension
This checker can be extended through the Klocwork knowledge base (KBs). See Tuning C/C++ analysis for more information.