Namespaces introduce new declarative regions for declarations, reducing the likelihood of conflicting identifiers with other declarative regions. One feature of namespaces is that they can be further extended, even within separate translation units. For instance, the following declarations are well - formed:
| Code Block |
|---|
namespace MyNamespace {
int I;
}
namespace MyNamespace {
int J;
}
void f() {
MyNamespace::I = MyNamespace::J = 12;
} |
The standard library introduces the namespace std for standards-provided declarations such as std::string, std::vector, and std::for_each. However, it is undefined behavior to introduce new declarations in namespace std, except under special circumstances. The C++ Standard, [namespace.std], paragraph paragraphs 1 & and 2 , state [ISO/IEC 14882-2014], states:
1 The behavior of a C++ program is undefined if it adds declarations or definitions to namespace
stdor to a namespace within namespacestdunless otherwise specified. A program may add a template specialization for any standard library template to namespacestdonly if the declaration depends on a user-defined type and the specialization meets the standard library requirements for the original template and is not explicitly prohibited.2 The behavior of a C++ program is undefined if it declares
— an explicit specialization of any member function of a standard library class template, or
— an explicit specialization of any member function template of a standard library class or class template, or
— an explicit or partial specialization of any member class template of a standard library class or class template.
...
Do not add declarations or definitions to the standard namespaces std or posix, or to a namespace contained therein, except for a template specialization that depends on a user-defined type that meets the standard library requirements for the original template.
The Library Working Group, responsible for the wording of the Standard Library section of the C++ Standard, has an unresolved issue on the definition of " user-defined type. " While Although the Library Working Group has no official stance on the definition [INCITS 2014], we define it to be any class, struct, union, or enum that is not defined within namespace std or a namespace contained within namespace std. Effectively, it is a user-provided type instead of a standard library-provided library–provided type.
Noncompliant Code Example
In this noncompliant code example, the declaration of x is added to the namespace std, resulting in undefined behavior:
| Code Block | ||||
|---|---|---|---|---|
| ||||
namespace std {
int x;
}
|
...
In this noncompliant code example, a template specialization of std::plus is added to the namespace std in an attempt to allow std::plus to concatenate a std::string and MyString object together. However, because the template specialization is of a standard library-provided library–provided type (std::string), this code results in undefined behavior.
...
The interface for std::plus requires that both arguments to the function call operator are of the same type. Because the attempted specialization in the noncompliant code example results in undefined behavior, this compliant solution defines a new std::binary_function derivative which is capable of adding can add a std::string to a MyString object , without requiring modification of the namespace std.
...
Altering the standard namespace can cause undefined behavior in the C++ standard library.
...
Tool | Version | Checker | Description | ||||||
|---|---|---|---|---|---|---|---|---|---|
| -q & Name Check |
Related Vulnerabilities
Search for other vulnerabilities resulting from the violation of this rule on the CERT website.
Related Guidelines
...
...
Bibliography
| [ISO/IEC 14882-2014] | 17.6.4.2.1, "Namespace std"17.6.4.2.2, "Namespace posix" |
| [INCITS 2014] | Issue 2139, "What is Is a User-Defined Type?" |
...