...
Code Block |
---|
namespace MyNamespace { int ilength; } namespace MyNamespace { int iwidth; } void f() { MyNamespace::ilength = MyNamespace::iwidth = 12; } |
The standard library introduces the namespace std
for standards-provided declarations such as std::string
, std::vector
, and std::for_each
. However, it is undefined behavior to introduce new declarations in namespace std
except under special circumstances. The C++ Standard, [namespace.std], paragraphs 1 and 2 [ISO/IEC 14882-2014], states the following:
1 The behavior of a C++ program is undefined if it adds declarations or definitions to namespace
std
or to a namespace within namespacestd
unless otherwise specified. A program may add a template specialization for any standard library template to namespacestd
only if the declaration depends on a user-defined type and the specialization meets the standard library requirements for the original template and is not explicitly prohibited.2 The 2 The behavior of a C++ program is undefined if it declares
— an explicit specialization of any member function of a standard library class template, or
— an explicit specialization of any member function template of a standard library class or class template, or
— an explicit or partial specialization of any member class template of a standard library class or class template.
In addition to restricting extensions to the the namespace std
, the C++ Standard, [namespace.posix], paragraph 1, further states the following:
The behavior of a C++ program is undefined if it adds declarations or definitions to namespace
posix
or to a namespace within namespaceposix
unless otherwise specified. The namespaceposix
is reserved for use by ISO/IEC 9945 and other POSIX standards.
...
In this noncompliant code example, the declaration of x
is added to the namespace std
, resulting in undefined behavior:.
Code Block | ||||
---|---|---|---|---|
| ||||
namespace std { int x; } |
...
In this compliant solution, a specialization of std::plus
is added to the std
namespace, but the specialization depends on a user-defined type and meets the Standard Template Library requirements for the original template, and so it complies with this rule. However, because MyString
can be constructed from std::string
, this compliant solution involves invoking a converting constructor whereas the previous compliant solution does not.
...
Altering the standard namespace can cause undefined behavior in the C++ standard library.
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
---|---|---|---|---|---|
DCL58-CPP | High | Unlikely | Medium | P6 | L2 |
Automated Detection
Tool | Version | Checker | Description |
---|
-q & Name Check
Axivion Bauhaus Suite |
| CertC++-DCL58 | |||||||
CodeSonar |
| LANG.STRUCT.DECL.SNM | Modification of Standard Namespaces | ||||||
Helix QAC |
| C++3180, C++3181, C++3182 | |||||||
Klocwork |
| CERT.DCL.STD_NS_MODIFIED | |||||||
Parasoft C/C++test |
| CERT_CPP-DCL58-a | Do not modify the standard namespaces 'std' and 'posix' | ||||||
Polyspace Bug Finder |
| CERT C++: DCL58-CPP | Checks for modification of standard namespaces (rule fully covered) | ||||||
PVS-Studio |
| V1061 |
SonarQube C/C++ Plugin |
| S3470 |
Related Vulnerabilities
Search for other vulnerabilities resulting from the violation of this rule on the CERT website.
Related Guidelines
Bibliography
[INCITS 2014] | Issue 2139, "What Is a User-Defined Type?" |
[ISO/IEC 14882-2014] | Subclause 17.6.4.2.1, "Namespace std "Subclause 17.6.4.2.2, "Namespace posix " |
...