SEI CERT C++ Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 14

changes.mady.by.user Sandy Shrum

Saved on

compared with

New Version Current

changes.mady.by.user Jill Britton

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Referencing an object outside of its lifetime can result in an attacker being able to run arbitrary code.

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

EXP61-CPP

High

Probable

High

P6

L2

Automated Detection

Tool

Version

Checker

Description

  

 

Astrée

Include Page
Astrée_V
Astrée_V

invalid_pointer_dereference

Helix QAC

Include Page
Helix QAC_V
Helix QAC_V

DF4706, DF4707, DF4708


Klocwork
Include Page
Klocwork_V
Klocwork_V
LOCRET.RET
Parasoft C/C++test

Include Page
Parasoft_V
Parasoft_V

CERT_CPP-EXP61-a
CERT_CPP-EXP61-b
CERT_CPP-EXP61-c

Never return lambdas that capture local objects by reference
Never capture local objects from an outer lambda by reference
The lambda that captures local objects by reference should not be assigned to the variable with a greater lifetime

Polyspace Bug Finder

Include Page
Polyspace Bug Finder_V
Polyspace Bug Finder_V

CERT C++: EXP61-CPPChecks for situations where object escapes scope through lambda expressions (rule fully covered)
PVS-Studio

Include Page
PVS-Studio_V
PVS-Studio_V

V1047
 

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Related Guidelines

SEI CERT C++ Coding Standard

EXP54-CPP. Do not access an object outside of its lifetime

Bibliography

[ISO/IEC 14882-2014]Subclause 3.8, "Object Lifetime"
Subclause 5.1.2, "Lambda Expressions"
 
 


...

 Image Modified