LANG.FUNCS.IRV : Ignored Return Value

JavaScript is not currently enabled, but is required for full CodeSonar manual search and browse functionality.

If you are viewing this file in your hub's Web GUI, enable JavaScript in your browser: you will also need it for GUI functionality.

If you opened this file directly from disk, your browser may be directly suppressing JavaScript functionality: certain browsers perform this suppression on local files (but not files delivered by web servers) for security reasons.

If you access the manual through the hub's Web GUI, the functionality will not be suppressed because the hub is a web server.
Alternatively, your browser may allow you to explicitly disable the security setting that suppresses functionality. See the CodeSonar FAQ for more information.

CodeSonar^® 9.2p0

CONFIDENTIAL

CodeSecure Inc

C and C++

Binaries

LANG.FUNCS.IRV : Ignored Return Value

Summary

The value returned by some function has not been used.

Properties

Class Name

Ignored Return Value

Significance

reliability

Mnemonic

LANG.FUNCS.IRV

Categories

MisraC2025	MisraC2025:17.7	The value returned by a function having non-void return type shall be used
	MisraC2025:D.4.7	If a function returns error information, then that error information shall be tested
	MisraC2025:D.4.14	The validity of values received from external sources shall be checked
MisraC2023	MisraC2023:17.7	The value returned by a function having non-void return type shall be used
	MisraC2023:D.4.7	If a function returns error information, then that error information shall be tested
	MisraC2023:D.4.14	The validity of values received from external sources shall be checked
Misra2012	Misra2012:17.7	The value returned by a function having non-void return type shall be used
	Misra2012:D.4.7	If a function returns error information, then that error information shall be tested
	Misra2012:D.4.14	The validity of values received from external sources shall be checked
Misra2004	Misra2004:16.10	If a function returns error information, then that error information shall be tested
AUTOSARC++14	AUTOSARC++14:A0-1-2	The value returned by a function having a non-void return type that is not an overloaded operator shall be used.
	AUTOSARC++14:M0-3-2	If a function generates error information, then that error information shall be tested.
MisraC++2008	MisraC++2008:0-1-7	The value returned by a function having a non-void return type that is not an overloaded operator shall always be used.
	MisraC++2008:0-3-2	If a function generates error information, then that error information shall be tested.
MisraC++2023	MisraC++2023:0.1.2	The value returned by a function shall be used
	MisraC++2023:28.6.4	The result of std::remove, std::remove_if, std::unique and empty shall be used
CWE	CWE:252	Unchecked Return Value
	CWE:391	Unchecked Error Condition
	CWE:394	Unexpected Status Code or Return Value
TS17961	TS17961:5.19-liberr	Failing to detect and handle standard library errors
CERT-C	CERT-C:ERR33-C	Detect and handle standard library errors
	CERT-C:EXP12-C	Do not ignore values returned by functions
	CERT-C:POS54-C	Detect and handle POSIX library errors
JSF++	JSF++:115	If a function returns error information, then that error information will be tested.
DISA-6r1	DISA-6r1:V-222656	The application must not be subject to error handling vulnerabilities.
DISA-5r3	DISA-5r3:V-70391	The application must not be subject to error handling vulnerabilities.
DISA-4r3	DISA-4r3:V-70391	The application must not be subject to error handling vulnerabilities.
DISA-3r10	DISA-3r10:V-6166	The designer will ensure the application is not subject to error handling vulnerabilities.
POW10	POW10:7	Check the return value of non-void functions, and check the validity of function parameters.
JPL	JPL:14	Check the return value of non-void functions, or explicitly cast to (void).
OWASP-2025	OWASP-2025:A10	Mishandling of Exceptional Conditions

Availability

Available for C and C++.

Enabling

Checks for this warning class are enabled by default. To disable them, add the following WARNING_FILTER rule to the project configuration file.

WARNING_FILTER += discard class="Ignored Return Value"

Example

#include <stdio.h>

int lang_funcs_irv(FILE *f){
  feof(f);               /* 'Ignored Return Value' warning issued here
                          * - factory settings include
                          *   RETURN_CHECKER_BUILT_IN_CHECKED_PURE_FUNCS += ^feof$
                          */
  /* ... remainder of function (for example, operations on f) */
  return 0;
}

Enforced and Excluded Checks

For all procedures, CodeSonar uses a statistical analysis to determine whether the return value can be ignored. The sensitivity of this analysis is controlled by the RETURN_CHECKER_RATIO and RETURN_CHECKER_CONFIDENCE parameters.

To enforce return value use for a specific procedure or set of procedures (overruling the statistical analysis if necessary), use one of the following, as appropriate.
- RETURN_CHECKER_CHECKED_FUNCS for functions with side effects whose return values must be checked on all paths.
- RETURN_CHECKER_CHECKED_PURE_FUNCS for side-effect-free functions whose return values must be checked on at least one path.
- RETURN_CHECKER_CHECKED_PURE_SOME_PATHS_FUNCS for side-effect-free functions whose return values must be checked on all paths.
To exclude a specific procedure or set of procedures from the return value use check (overruling the statistical analysis if necessary), use the RETURN_CHECKER_IGNORED_FUNCS configuration file parameter. RETURN_CHECKER_IGNORED_FUNCS takes precedence over the parameters that enforce checking.
If you want to suppress warnings for some function fname() that is specified in factory settings for RETURN_CHECKER_BUILT_IN_CHECKED_FUNCS or RETURN_CHECKER_BUILT_IN_CHECKED_PURE_FUNCS while still preserving those factory settings in your configuration file, add the following rule to your configuration file.
```
RETURN_CHECKER_IGNORED_FUNCS+= ^fname$
```

The general template configuration file contains factory settings enforcing checks for many functions with important return values, and permitting return values to be ignored for several more. For full lists, see the "Factory Settings" in the documentation for each parameter.

Effects on warning instance scores

For warnings issued due to ignoring the return value of a function specified by one of the parameters that enforce checking, the warning instance score will depend in part on which parameter was used. All else being equal, the ordering is:

RETURN_CHECKER_CHECKED_FUNCS (highest score)
RETURN_CHECKER_CHECKED_PURE_FUNCS, RETURN_CHECKER_CHECKED_PURE_SOME_PATHS_FUNCS (if checked on no paths)
RETURN_CHECKER_CHECKED_PURE_SOME_PATHS_FUNCS (if checked on some but not all paths)
RETURN_CHECKER_BUILT_IN_CHECKED_FUNCS
RETURN_CHECKER_BUILT_IN_CHECKED_PURE_FUNCS
not specified with any of these parameters: statistical inference only (lowest score)

Relevant Configuration File Parameters

The following configuration file parameters affect checks for this warning class.

To report problems with this documentation, please visit https://support.codesecure.com/.