CWE Rule 703
Description
Rule Description
The product does not properly anticipate or handle exceptional conditions that rarely occur during normal operation of the product.
Polyspace Implementation
The rule checker checks for these issues:
- Errno not reset 
- Misuse of errno 
Examples
Errno not reset
This issue occurs when you do not reset errno before calling a function that sets errno to indicate error conditions. However, you check errno for those error conditions after the function call.
An errno-setting function sets errno to nonzero values to indicate error conditions.
If you do not set errno to zero before calling an errno-setting function, a nonzero value of errno might be left over from a previous call to an errno-setting function. Using errno to check errors can then lead you to falsely conclude that an error occurred from the most recent call.
errno is set to 0 at program startup but is not automatically reset after an error occurs. You must explicitly set errno to 0 when required.
Before calling a function that sets errno to indicate error conditions, reset errno to zero explicitly.
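The following added example (not part of the original page or of Polyspace) shows the leftover value in action: an earlier out-of-range strtod call leaves ERANGE in errno, and a later parse of valid input is rejected unless errno is cleared first. The function names are hypothetical, the input strings are constructed, and the end-pointer check goes slightly beyond what the page describes.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>

/* Flagged pattern: errno is tested but was never cleared before strtod. */
int parse_no_reset(const char *s, double *out)
{
    double v = strtod(s, NULL);
    if (errno != 0) {
        return -1;              /* may be a leftover from an earlier call */
    }
    *out = v;
    return 0;
}

/* Compliant pattern: clear errno, call, then test errno and the end pointer. */
int parse_with_reset(const char *s, double *out)
{
    char *end = NULL;
    errno = 0;
    double v = strtod(s, &end);
    if (errno == ERANGE || end == s) {
        return -1;              /* out of range, or no characters converted */
    }
    *out = v;
    return 0;
}

/* Constructed scenario: an out-of-range parse leaves ERANGE in errno. */
void leave_stale_errno(void)
{
    errno = 0;
    (void)strtod("1e99999", NULL);   /* overflow: strtod stores ERANGE */
}

int main(void)
{
    double d = 0.0;
    leave_stale_errno();
    int rc = parse_no_reset("1.5", &d);     /* rejected: stale ERANGE */
    printf("no reset:   %d\n", rc);
    leave_stale_errno();
    rc = parse_with_reset("1.5", &d);       /* accepted: errno was cleared */
    printf("with reset: %d (%g)\n", rc, d);
    return 0;
}
```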
#include <stdio.h>
#include <stdlib.h>
#include <errno.h>
#include <float.h>
#define fatal_error() abort()
double func(const char *s1, const char *s2)
{
    double f1;
    f1 = strtod(s1, NULL);       //Noncompliant
    if (0 == errno) {
        double f2 = strtod(s2, NULL);
        if (0 == errno) {
            long double result = (long double)f1 + f2;
            if ((result <= (long double)DBL_MAX) && (result >= (long double)-DBL_MAX)) {
                return (double)result;
            }
        }
    }
    fatal_error();
    return 0.0;
}
In this example, errno is not reset to 0 before the first call to strtod. Checking errno for 0 later can lead to a false positive.
One possible correction is to reset errno to 0 before calling strtod.
#include <stdio.h>
#include <stdlib.h>
#include <errno.h>
#include <float.h>
#define fatal_error() abort()
double func(const char *s1, const char *s2)
{
    double f1;
    errno = 0;
    f1 = strtod(s1, NULL);
    if (0 == errno) {
        double f2 = strtod(s2, NULL);
        if (0 == errno) {
            long double result = (long double)f1 + f2;
            if ((result <= (long double)DBL_MAX) && (result >= (long double)-DBL_MAX)) {
                return (double)result;
            }
        }
    }
    fatal_error();
    return 0.0;
}
Misuse of errno
This issue occurs when you check errno for error conditions in situations where checking errno does not guarantee the absence of errors. In some cases, checking errno can lead to false positives.
For instance, you check errno following calls to the functions:
- fopen: If you follow the ISO® Standard, the function might not set errno on errors.
- atof: If you follow the ISO Standard, the function does not set errno.
- signal: The errno value indicates an error only if the function returns the SIG_ERR error indicator.
The ISO C Standard does not enforce that these functions set errno on errors. Whether the functions set errno or not is implementation-dependent.
To detect errors, if you check errno alone, the validity of this check also becomes implementation-dependent.
In some cases, the errno value indicates an error only if the function returns a specific error indicator. If you check errno before checking the function return value, you can see false positives.
For information on how to detect errors, see the documentation for that specific function.
Typically, the functions return an out-of-band error indicator to indicate errors. For instance:
- fopen returns a null pointer if an error occurs.
- signal returns the SIG_ERR error indicator and sets errno to a positive value. Check errno only after you have checked the function return value.
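As an added example (not from the original page or from Polyspace), the two helpers below apply this ordering to fopen and signal: the return value decides whether the call failed, and errno is read only afterwards as extra detail. The helper names, the -1 fallback code, and the file path are assumptions made for illustration.

```c
#include <errno.h>
#include <signal.h>
#include <stdio.h>

/* Returns 0 and sets *out on success; a nonzero code on failure.
   The fopen return value decides; errno is read only once it is NULL. */
int open_checked(const char *path, const char *mode, FILE **out)
{
    errno = 0;
    FILE *fp = fopen(path, mode);
    if (fp == NULL) {
        int saved = errno;      /* capture before another call changes it */
        /* ISO C does not require fopen to set errno, so 0 is possible. */
        return (saved != 0) ? saved : -1;
    }
    *out = fp;
    return 0;
}

/* Returns 0 if the handler was installed; a nonzero code otherwise.
   errno is meaningful only when signal returned SIG_ERR. */
int install_handler(int signo, void (*handler)(int))
{
    errno = 0;
    if (signal(signo, handler) == SIG_ERR) {
        int saved = errno;
        return (saved != 0) ? saved : -1;
    }
    return 0;
}

int main(void)
{
    FILE *fp = NULL;
    /* Constructed path that is expected not to exist. */
    int rc = open_checked("/nonexistent-dir-constructed/demo.txt", "r", &fp);
    printf("open: %d\n", rc);
    printf("signal(SIGINT): %d\n", install_handler(SIGINT, SIG_DFL));
    return 0;
}
```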
#include <stdio.h>
#include <stdlib.h>
#include <errno.h>
#define fatal_error() abort()
const char *temp_filename = "/tmp/demo.txt";
FILE *func()
{
    FILE *fileptr;
    errno = 0;
    fileptr = fopen(temp_filename, "w+b");
    if (errno != 0) { //Noncompliant
        if (fileptr != NULL) {
            (void)fclose(fileptr);
        }
        /* Handle error */
        fatal_error();
    }
    return fileptr;
}
In this example, errno is the first variable that is checked after a call to fopen. You might expect that fopen changes errno to a nonzero value if an error occurs. If you run this code with an implementation of fopen that does not set errno on errors, you might miss an error condition. In this situation, fopen can return a null pointer that escapes detection.
One possible correction is to only check the return value of fopen for a null pointer.
#include <stdio.h>
#include <stdlib.h>
#include <errno.h>
#define fatal_error() abort()
const char *temp_filename = "/tmp/demo.txt";
FILE *func()
{
    FILE *fileptr;
    fileptr = fopen(temp_filename, "w+b");
    if (fileptr == NULL) { 
        fatal_error();
    }
    return fileptr;
}
Check Information
Category: Others
Version History
Introduced in R2024a