Missing Return Statement in Non-Void Function

Description

A non-void function does not have a return statement, resulting in an undefined return value.

Examples

Insecure Code

int foo() { }

Secure Code

int foo() { return 0; }

Remediation

Add a return statement to the function with a valid return value.

Rule Details

Field	Value
ID	CODE-0487
Category	Generic
Severity	MEDIUM
CWE	CWE-393
Confidence	LOW
Impact	MEDIUM
Likelihood	MEDIUM
Exploitability	MODERATE
Tags
OWASP	N/A

References

• https://cwe.mitre.org/data/definitions/393
• https://cwe.mitre.org/data/definitions/394

---