RETVOID.GEN

Non-void function returns void value

The RETVOID.GEN checker finds instances in which a non-void function has an explicit return statement with no value.

Vulnerability and risk

If the returned value is used, it can cause the use of uninitialized memory.

Vulnerable code example

1
2
3
4
5
6
7
  #include  <math.h>
  #include  <stdio.h>
  #define     OK    1
  int func ()
  {
    return;
  }

Klocwork flags line 6 in this code, in which the int function func() has a return statement with no value.

Related checkers

• RETVOID.IMPLICIT

External guidance

• CWE-394: Unexpected Status Code or Return Value

Security training

Application security training materials provided by Secure Code Warrior.

• Insufficient Validation Training Video - Test your skills with a training example