Main Content

CWE Rule 683

Function Call With Incorrect Order of Arguments

Since R2023b

expand all in page

Description

Rule Description

The product calls a function, procedure, or routine, but the caller specifies the arguments in an incorrect order, leading to resultant weaknesses.

Polyspace Implementation

The rule checker checks for the issue Possible issue in order of memset family arguments.

Examples

expand all

Issue

This issue occurs when the third argument of memset or wmemset is a literal, indicating that the second and third arguments might have been switched.

Risk

void *memset (void *ptr, int value, size_t num) fills the first num bytes of the memory block that ptr points to with the specified value. If the second and third arguments are switched, the argument value is incorrect and the memory block is initialized with an unintended value.

Fix

Fix the order of arguments to memset or wmemset.

Example — Incorrect Order of Arguments to memset

In this example, the function fill_null_character() intends to fill the buffer buf with the null character '\0'. When filling the buffer, the order of arguments to memset is reversed.

#include <string.h>

void fill_null_character()
{
    char buf[32];
    memset(buf, sizeof(buf)/sizeof(char), '\0'); //Noncompliant
}
Correction — Switch Order of Arguments

Make sure that the second argument to memset is the literal that you want to fill the buffer with, and the third argument is the buffer size.

#include <string.h>

void fill_null_character()
{
    char buf[32];
    memset(buf, '\0', sizeof(buf)/sizeof(char));
}

Check Information

Category: Others

Version History

Introduced in R2023b

See Also

Topics

External Websites