Comment: s/from/in/ in 1st NCCE

...

In this noncompliant code example, an exception of type S is thrown in f(). However, because S has a std::string data member, and the copy constructor for std::string is not declared noexcept, the implicitly-defined copy constructor for S is also not declared to be noexcept. In low-memory situations, the copy constructor for std::string may be unable to allocate sufficient memory to complete the copy operation, resulting in a std::bad_alloc exception being thrown.
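The property described above can be checked at compile time. The following is an added example, not code from the original page: S follows the shape the text describes, while T, safe_to_throw() and throw_and_catch() are hypothetical names introduced here, and deriving from std::runtime_error is one assumed way to obtain a noexcept copy constructor.

```cpp
#include <exception>
#include <iostream>
#include <stdexcept>
#include <string>
#include <type_traits>

// Shape described in the text: the std::string member may allocate when it
// is copied, so the implicitly-defined copy constructor of S is not noexcept.
struct S : std::exception {
    std::string m;
    explicit S(const char *msg) : m(msg) {}
    const char *what() const noexcept override { return m.c_str(); }
};

// Hypothetical alternative: std::runtime_error owns the message and its copy
// constructor is declared noexcept, so T's implicit copy constructor is too.
struct T : std::runtime_error {
    explicit T(const char *msg) : std::runtime_error(msg) {}
};

// Compile-time check usable as a gate for any exception type.
template <typename E>
constexpr bool safe_to_throw() {
    return std::is_nothrow_copy_constructible<E>::value;
}

// Fails the build if T ever gains a member whose copy constructor can throw.
static_assert(safe_to_throw<T>(), "T must be nothrow copy constructible");

// Throws an E built from msg and returns the message the handler observes.
template <typename E>
std::string throw_and_catch(const char *msg) {
    try {
        throw E(msg);
    } catch (const std::exception &e) {
        return e.what();
    }
}

int main() {
    std::cout << std::boolalpha
              << "S nothrow copy constructible: " << safe_to_throw<S>() << '\n'
              << "T nothrow copy constructible: " << safe_to_throw<T>() << '\n'
              << "caught: " << throw_and_catch<T>("bad input") << '\n';
    return 0;
}
```

Placing the static_assert next to each exception type definition turns a later change that reintroduces a throwing copy constructor into a build failure.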

...

Allowing the application to abnormally terminate can lead to resources not being freed, closed, and so on. It is frequently a vector for denial-of-service attacks.

| Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
| ERR60-CPP | Low | Probable | Medium | P4 | L3 |

Automated Detection

| Tool | Version | Checker | Description |
|---|---|---|---|
| Clang | | cert-err60-cpp | Checked by clang-tidy |
| PRQA QA-C++ | | 3508 | |

Related Vulnerabilities

Search for other vulnerabilities resulting from the violation of this rule on the CERT website.

Related Guidelines

Bibliography

[Hinnant 2015]
 

[ISO/IEC 14882-2014]

Subclause 15.1, "Throwing an Exception"
Subclause 18.8.1, "Class exception"
Subclause 18.8.5, "Exception Propagation"

...


...