search menu icon-carat-right cmu-wordmark

Variadic Functions: How They Contribute to Security Vulnerabilities and How to Fix Them

November 2005 Article
Robert C. Seacord

In this LinuxWorld article, Robert Seacord discusses C/C++ language variadic functions and their use.

Publisher:

Software Engineering Institute

Abstract

C/C++ language variadic functions are functions that accept a variable number of arguments. Variadic functions are implemented using either the ANSI C stdarg approach or, historically, the UNIX System V vararg approach. Both approaches require that the contract between the developer and user of the variadic function not be violated by the user.