Versions Compared

Comment: Mentioned insufficient storage and buffer overflow in Risk Assessment.

...

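#include <cassert>
#include <cstddef>

// S: the class type used by this example; its declaration is not shown in this excerpt.

// Bytes added to the buffer for the implementation's array overhead.
#if __clang__ || __GNUG__
  const size_t Overhead = sizeof(size_t);
#else
  const size_t Overhead = 2 * sizeof(size_t);
#endif

// Placement form that also receives the buffer size, so a request
// larger than the supplied storage is caught before the array is built.
void* operator new[] (size_t n, void *p, size_t bufsize) {
  assert (n <= bufsize);   // alternatively, throw an exception
  return p;
}

void f() {
  const size_t N = 32;
  alignas(S) unsigned char buffer[sizeof(S) * N + Overhead];
  S *sp = new (buffer, sizeof buffer) S [N];

  // ...

  // Destroy elements of the array.
  for (size_t i = 0; i != N; ++i)
    sp[i].~S ();
}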

Risk Assessment

Passing improperly aligned pointers or pointers to insufficient storage to placement new expressions can result in undefined behavior, including buffer overflow and abnormal termination.

| Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
| MEM54-CPP | Medium | Likely | Medium | P8 | L2 |
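
Both conditions named in the Risk Assessment, insufficient storage and improper alignment, can be checked before the placement new expression runs. The following is an added example, not part of the rule text; `checked_placement_new`, `Sample` and `run_cases` are hypothetical names, and it covers the single-object form only, where no array overhead applies.

```cpp
#include <cstddef>
#include <cstdint>
#include <memory>
#include <new>
#include <utility>

// Hypothetical helper: constructs a T in caller-supplied storage only when
// the storage is large enough and suitably aligned; otherwise returns nullptr.
template <typename T, typename... Args>
T *checked_placement_new(void *p, std::size_t bufsize, Args &&...args) {
  if (p == nullptr)
    return nullptr;
  void *aligned = p;
  std::size_t space = bufsize;
  // std::align fails when sizeof(T) bytes do not fit after alignment;
  // a result different from p means p itself was not aligned for T.
  if (std::align(alignof(T), sizeof(T), aligned, space) == nullptr ||
      aligned != p)
    return nullptr;
  return ::new (p) T(std::forward<Args>(args)...);
}

// Constructed sample type with stricter alignment than unsigned char.
struct alignas(8) Sample {
  std::uint64_t id;
  explicit Sample(std::uint64_t v) : id(v) {}
};

// Returns a bitmask with one bit set per case that behaved as expected.
int run_cases() {
  alignas(Sample) unsigned char buffer[sizeof(Sample) + 1];
  int ok = 0;
  // Case 1: aligned and large enough, so the object is constructed.
  Sample *s = checked_placement_new<Sample>(buffer, sizeof buffer, 42u);
  if (s != nullptr && s->id == 42) {
    ok |= 1;
    s->~Sample();
  }
  // Case 2: storage one byte too small, so the request is rejected.
  if (!checked_placement_new<Sample>(buffer, sizeof(Sample) - 1, 1u))
    ok |= 2;
  // Case 3: pointer offset by one byte is misaligned, so it is rejected.
  if (!checked_placement_new<Sample>(buffer + 1, sizeof(Sample), 1u))
    ok |= 4;
  return ok;
}

int main() { return run_cases() == 7 ? 0 : 1; }
```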

...