The C Language facilities setjmp() and longjmp() can be used as a poor attempt to simulate the throwing and catching of exceptions, but they are very low-level facilities, and using them can bypass proper resource management and the proper calling of destructors.
Non-Compliant Code Example
Compliant Solution
Risk Assessment
Using setjmp() and longjmp() could lead to a denial-of-service attack.
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
RES39-C | 1 (low) | 2 (probable) | 2 (medium) | P4 | L3 |
References
| Wiki Markup |
|---|
\[[Henricson 97|AA. C++ References#Henricson 97]\] Rule 13.3 Do not use {{setjmp()}} and {{longjmp()}}. |
...