Ignored function return value
If a function's return value is not checked, the function could have failed without any warning.
- Integrity: The data which was produced as a result of a function could be in a bad state.
Implementation: This flaw is a simple logic issue, introduced entirely at implementation time.
- Languages: C or C++
- Operating platforms: Any
Likelihood of exploit
Avoidance and mitigation
- Implementation: Check the return value of every function that returns one.
- Implementation: When designing any function, make sure it returns a value or throws an exception in case of an error.
Important and common functions return a value that indicates whether their actions succeeded. That value tells the program whether it needs to handle an error caused by the function.
malloc(sizeof(int)*4);
In Java:
Although some Java members may use return values to state their status, it is preferable to use exceptions.
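The C case above, as an added example that is not part of the original entry: the unchecked allocation beside a checked version that reports failure through its own return value, which the caller then tests. The names `make_ints_unchecked`, `make_ints_checked`, `alloc_fn` and `failing_alloc` are hypothetical, and the allocator hook is an assumption made only so the failure path can be exercised.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical allocator hook (an assumption of this example) so the failure
   path can be exercised; production code would call malloc() directly. */
typedef void *(*alloc_fn)(size_t);

static void *failing_alloc(size_t n) { (void)n; return NULL; }

/* Unchecked form, like the page's malloc(sizeof(int)*4): the result is used
   without being tested. Shown for comparison only; never called below. */
int *make_ints_unchecked(size_t count) {
    int *p = malloc(sizeof(int) * count);
    memset(p, 0, sizeof(int) * count);   /* undefined behaviour if p is NULL */
    return p;
}

/* Checked form: returns 0 on success and -1 on error, so the caller has a
   status to test. *out is NULL whenever the call fails. */
int make_ints_checked(alloc_fn alloc, size_t count, int **out) {
    if (alloc == NULL || out == NULL) return -1;
    *out = NULL;
    if (count == 0 || count > SIZE_MAX / sizeof(int)) return -1; /* size would wrap */
    int *p = alloc(count * sizeof(int));
    if (p == NULL) return -1;            /* allocation failed: report it */
    memset(p, 0, count * sizeof(int));
    *out = p;
    return 0;
}

int main(void) {
    int *v = NULL;
    if (make_ints_checked(malloc, 4, &v) != 0) {      /* caller checks too */
        fprintf(stderr, "allocation failed\n");
        return EXIT_FAILURE;
    }
    v[3] = 42;
    printf("v[3] = %d\n", v[3]);
    free(v);
    if (make_ints_checked(failing_alloc, 4, &v) != 0) /* simulated failure */
        fprintf(stderr, "handled simulated allocation failure\n");
    return EXIT_SUCCESS;
}
```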