Checkers:SV.RVT.RETVAL_NOTTESTED
From current
Ignored return value
It's important to check return values to ensure that functions were successful, since ignoring exceptions and error conditions may allow an attacker to introduce unexpected behavior. The SV.RVT.RETVAL_NOTTESTED checker reports ignored return value codes for the following functions:
| function | return values to check |
|---|---|
| socket | -1, 0 |
| recv | 0, -1 |
| pthread_mutex_destroy | 0 |
| pthread_mutex_lock | 0 |
| pthread_mutex_trylock | 0 |
| pthread_mutex_unlock | 0 |
| pthread_mutex_timedlock | 0 |
| pthread_mutex_getprioceiling | 0 |
| pthread_mutex_setprioceiling | 0 |
| pthread_cond_init | 0 |
| pthread_cond_destroy | 0 |
| pthread_cond_wait | 0 |
| pthread_cond_timedwait | 0 |
| pthread_cond_broadcast | 0 |
| pthread_rwlock_init | 0 |
| pthread_rwlock_destroy | 0 |
| pthread_rwlock_rdlock | 0 |
| pthread_rwlock_tryrdlock | 0 |
| pthread_rwlock_timedrdlock | 0 |
| pthread_rwlock_wrlock | 0 |
| pthread_rwlock_trywrlock | 0 |
| pthread_rwlock_timedwrlock | 0 |
| pthread_rwlock_unlock | 0 |
| pthread_rwlockattr_init | 0 |
| pthread_rwlockattr_destroy | 0 |
| pthread_spin_init | 0 |
| pthread_spin_destroy | 0 |
| pthread_spin_lock | 0 |
| pthread_spin_trylock | 0 |
| pthread_spin_unlock | 0 |
| pthread_barrier_init | 0 |
| pthread_barrier_destroy | 0 |
Vulnerability and risk
These vulnerabilities typically occur when the software doesn't check for unusual or exceptional conditions that aren't expected to happen frequently. However, attackers may use these conditions to trigger unusual actions, introducing instability, incorrect behavior, or vulnerability. Even if there's no attack, bad data can be used in operations if the return value isn't checked, possibly leading to incorrect program flow, violation of data integrity, or application failure.
Mitigation and prevention
Add validation of return value and code to handle exceptional cases, making sure that there are mechanisms for checking and handling unusual or unexpected conditions. To ensure that exceptions are handled by the code, identify error conditions by running the program under low memory conditions or with insufficient privileges, interrupting a transaction, or disabling connectivity to network services.
Code examples
Vulnerable code example
1 #include <pthread.h> 2 3 int foo() { 4 pthread_cond_t cond; 5 int res; 6 res = pthread_cond_init(&cond, NULL); 7 return 0; 8 }
Klocwork produces an issue report at line 6, indicating that the return value of 'pthread_cond_init' is not compared with 0. When a return value isn't checked, unexpected program behavior can occur.
Fixed code example
1 #include <pthread.h> 2 3 int foo() { 4 pthread_cond_t cond; 5 int res; 6 res = pthread_cond_init(&cond, NULL); 7 if (res != 0) return 1; 8 return 0; 9 }
In the fixed example, there is a check at line 7 for the return value.
Security Guidelines
- CWE-252: Unchecked Return Value
- CWE-253: Incorrect Check of Function Return Value
- CWE-390: Detection of Error Condition Without Action
- CWE-391: Unchecked Error Condition
- CWE-754: Improper Check for Unusual or Exceptional Conditions
- EXP12-C:Do not ignore values returned by functions
- STIG-ID:APP3120 Application has error handling vulnerabilities
- 2010 CWE/SANS Top 25 Most Dangerous Programming Errors