View Help Online

Start here

Home
About Klocwork
What's new
Fixed issues
Release notes
Installation

Reference

C/C++ checkers
Java checkers
C# checkers
MISRA C 2004 checkers
MISRA C++ 2008 checkers
MISRA C 2012 checkers
MISRA C 2012 checkers with Amendment 1
Commands
Metrics
Troubleshooting
Reference

Product components

C/C++ Integration build analysis
Java Integration build analysis
Desktop analysis
Refactoring
Klocwork Static Code Analysis
Klocwork Code Review
Structure101
Tuning
Custom checkers

Coding environments

Visual Studio
Eclipse for C/C++
Eclipse for Java
IntelliJ IDEA
Other

Administration

Project configuration
Build configuration
Administration
Analysis performance
Server performance
Security/permissions
Licensing
Klocwork Static Code Analysis Web API
Klocwork Code Review Web API

Community

View help online
Visit RogueWave.com
Klocwork Support
Rogue Wave Videos

Legal

Legal information

UNUSED.FUNC.WARN

Potential unused function definition

Potential unused function.

Vulnerability and risk

A defined but unused function can have a few implications. It can lead to development confusion such as the wrong function having similar name being called. In some rare occasions, the unused function may also find its way into the final executable which may lead to other vulnerabilities. If a function is deemed unused then it should be removed from the translation unit. Conversely, if a function is supposed to be called from other translation units (non-static functions, for example: a custom library function) then it should have a declaration in a header file. Otherwise, it should be defined as a static function and used at some point within the current translation unit.

Vulnerable code example 1

1  File: lib.h
2  void used();
3  
4  File: driver.c
5  #include “lib.h”
6  void used() {
7  }
8  void unused() { //A non-static function without any declaration in a header file
9  }
10  int main() {
11    used();
12    return 0;
13  }

The function "unused()" is neither called nor has a declaration in the file "lib.h". It is still possible to call "unused()" from other translation units through "extern" declaration in which case the file "lib.h" should contain a corresponding declaration. Klocwork produces UNUSED.FUNC.WARN on line 5 of driver.c file.

Fixed code example 1

1  File: lib.h
2  void used();
3  void unused();
4  
5  File: driver.c
6  #include “lib.h”
7  void used() {
8  }
9  void unused() { //A non-static function without any declaration in a header file
10  }
11  int main() {
12    used();
13    return 0;
14  }

In the listing above, it is assumed that the function "unused()" may be called from outside of "driver.c" hence a declaration is added in "lib.h" file.

Vulnerable code example 2

1  void foo(int x) {}
2  void foo(int x, int y) {}
3  
4  int main() {
5    foo(0, 0);
6    return 0;
7  }

Above, the overloaded "foo(int)" is defined but never used within the current translation unit. Klocwork produces UNUSED.FUNC.WARN on line 1.

Fixed code example 2

1  void foo(int x, int y) {}
2  
3  int main() {
4    foo(0, 0);
5    return 0;
6  }

The unused function is removed.

Related checkers

Parent topic: Suspicious code practices
Previous topic: SV.USAGERULES.PROCESS_VARIANTS

© Rogue Wave Software, Inc. All rights reserved. | Contact