SEI CERT C++ Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 12

changes.mady.by.user Sandy Shrum

Saved on

compared with

New Version Current

changes.mady.by.user Alexander Wagner

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Furthermore, the array form of the non-placement new expression may increase the amount of storage it attempts to obtain by invoking the corresponding allocation function by an unspecified amount. This amount, referred to as overhead in the C++ standard, is commonly known as a cookie. The cookie is used to store the number of elements in the array so that the array delete expression or the exception unwinding mechanism can invoke the type's destructor on each successfully constructed element of the array. While the specific conditions under which the cookie is required by the array new expression aren't described in the C++ standard, they may be outlined in other specifications such as the application binary interface (ABI) document for the target environment. For example, the Itanium C++ ABI describes the rules for computing the size of a cookie, its location, and achieving the correct alignment of the array elements. When these rules require that a cookie be created, it is possible to obtain a suitably aligned array of elements of an overaligned type [CodeSourcery 2016a]. However, the rules are complex and the Itanium C++ ABI isn't universally applicable.

...

Using improperly aligned pointers results in undefined behavior, typically leading to abnormal termination.

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

MEM57-CPP

Medium

Unlikely

Low

P6

L2

Automated Detection

Tool

Version

Checker

Description

   

Astrée

Include Page
Astrée_V
Astrée_V

default-new-overaligned-type
Fully checked
Helix QAC

Include Page
Helix QAC_V
Helix QAC_V

C++3129
Parasoft C/C++test

Include Page
Parasoft_V
Parasoft_V

CERT_CPP-MEM57-a

Avoid using the default operator 'new' for over-aligned types
Polyspace Bug Finder

Include Page
Polyspace Bug Finder_V
Polyspace Bug Finder_V

CERT C++: MEM57-CPPChecks for situations where operator new is not overloaded for possibly overaligned types (rule fully covered)
RuleChecker
Include Page
RuleChecker_V
RuleChecker_V
default-new-overaligned-type
Fully checked
 

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Related Guidelines

SEI CERT C++ Coding StandardMEM54-CPP. Provide placement new with properly aligned pointers to sufficient storage capacity

Bibliography

[ISO/IEC 14882-2014]

Subclause 3.7.4, "Dynamic Storage Duration"
Subclause 5.3.4, "New"
Subclause 18.6.1, "Storage Allocation and Deallocation"

[
Array New Cookies
CodeSourcery 2016a]Itanium C++ ABI, version 1.86
[
N3396
INCITS 2012]Dynamic memory allocation for over-aligned data, WG14 proposal

...


...

Image Modified Image Modified Image Modified