...
The C99 exit() function is used for normal program termination. (see See recommendation ERR04-C. Choose an appropriate termination strategy.) . Nested calls to exit() result in undefined behavior. (see See also undefined behavior #172 in Annex J.) . This can only occur when exit() is invoked from a function registered with atexit(), or when exit() is called from within a signal handler. (see See rule SIG30-C. Call only asynchronous-safe functions within signal handlers.).
If a call to the longjmp function is made that would terminate the call to a function registered with atexit(), the behavior is undefined.
...
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
ENV32-C | medium | likely | medium | P12 | L1 |
Automated Detection
Tool | Version | Checker | Description | ||||
|---|---|---|---|---|---|---|---|
|
|
|
|
...
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Other Languages
Related Guidelines
CERT This rule appears in the C++ Secure Coding Standard as : ENV32-CPP. All atexit handlers must return normally.
Bibliography
unmigrated-wiki-markup
\[[ISO/IEC 9899:1999|AA. Bibliography#ISO/IEC 9899-1999]\] Section 7.20.4.3, "The {{exit}} function"
\[[
ISO/IEC PDTR 24772|AA. Bibliography#ISO/IEC PDTR 24772]\] TR 24772 "EWD Structured Programming" and "REU Termination Strategy" \[[MITRE 07|AA. Bibliography#MITRE 07]\] [CWE ID 705|http://cwe.mitre.org/data/definitions/705.html], "Incorrect Control Flow Scoping"
MITRE CWE: CWE ID 705, "Incorrect Control Flow Scoping"
Bibliography
...