RETVOID.IMPLICIT

Implicitly int function returns void value

The RETVOID.IMPLICIT checker finds instances in which an implicitly int function has an explicit return statement with no value.

Vulnerability and risk

If the returned value is used, it can cause the use of uninitialized memory.

Vulnerable code example

1
2
3
4
5
6
7
  #include  <math.h>
  #include  <stdio.h>
  #define     OK    1
  func ()
  {
    return; 
  }

Klocwork flags line 6 in this code, in which the implicitly int function func() has a return statement with no value.

Related checkers

• RETVOID.GEN

External guidance

• CERT DCL31-C: Declare identifiers before using them
• CWE-394: Unexpected Status Code or Return Value

Security training

Application security training materials provided by Secure Code Warrior.

• Insufficient Validation Training Video - Test your skills with a training example