SEI CERT C++ Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 40

changes.mady.by.user Aleksandr Karbyshev

Saved on

compared with

New Version Current

changes.mady.by.user Jill Britton

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

In this noncompliant code example, a function is declared as nonthrowing, but it is possible for std::vector::resize() to throw an exception when the requested memory cannot be allocated.

Code Block
bgColor#FFcccc
langcpp
#include <cstddef>
#include <vector>
 
void f(std::vector<int> &v, size_t s) noexcept(true) {
  v.resize(s); // May throw 
}

Compliant Solution

In this compliant solution, the function's noexcept-specification is removed, signifying that the function allows all exceptions.

Code Block
bgColor#ccccff
langcpp
#include <cstddef>
#include <vector>

void f(std::vector<int> &v, size_t s) {
  v.resize(s); // May throw, but that is okay
}

Noncompliant Code Example

In this noncompliant code example, the second function claims to throw only Exception1, but it may also throw Exception2.

Code Block
bgColor#FFcccc
langcpp
#include <exception>
 
class Exception1 : public std::exception {};
class Exception2 : public std::exception {};

void foo() {
  throw Exception2{}; // Okay because foo() promises nothing about exceptions
}

void bar() throw (Exception1) {
  foo();    // Bad because foo() can throw Exception2
}

Compliant Solution

This compliant solution catches the exceptions thrown by foo().

Code Block
bgColor#ccccff
langcpp
#include <exception>
 
class Exception1 : public std::exception {};
class Exception2 : public std::exception {};

void foo() {
  throw Exception2{}; // Okay because foo() promises nothing about exceptions
}

void bar() throw (Exception1) {
  try {
    foo();
  } catch (Exception2 e) {
    // Handle error without rethrowing it
  }
}

Compliant Solution

This compliant solution declares a dynamic exception-specification for bar(), which covers all of the exceptions that can be thrown from it.

Code Block
bgColor#ccccff
langcpp
#include <exception>
 
class Exception1 : public std::exception {};
class Exception2 : public std::exception {};

void foo() {
  throw Exception2{}; // Okay because foo() promises nothing about exceptions
}

void bar() throw (Exception1, Exception2) {
  foo();
}

Noncompliant Code Example

In this noncompliant code example, a function is declared as nonthrowing, but it is possible for std::vector::resize() to throw an exception when the requested memory cannot be allocated.

Code Block
bgColor#FFcccc
langcpp
#include <cstddef>
#include <vector>
 
void f(std::vector<int> &v, size_t s) noexcept(true) {
  v.resize(s); // May throw 
}

Compliant Solution

In this compliant solution, the function's noexcept-specification is removed, signifying that the function allows all exceptions.

Code Block
bgColor#ccccff
langcpp
#include <cstddef>
#include <vector>

void f(std::vector<int> &v, size_t s) {
  v.resize(s); // May throw, but that is okay
}

Implementation Details

Some vendors provide language extensions for specifying whether or not a function throws. For instance, Microsoft Visual Studio provides __declspec(nothrow)), and Clang supports __attribute__((nothrow)). Currently, the vendors do not document the behavior of specifying a nonthrowing function using these extensions. Throwing from a function declared with one of these language extensions is presumed to be undefined behavior.

...

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

ERR55-CPP

Low

Likely

Low

P9

L2

Automated Detection

Tool

Version

Checker

Description

Astrée

Include Page
Astrée_V
Astrée_V

unhandled-throw-noexcept
Partially checked
Axivion Bauhaus Suite

Include Page
Axivion Bauhaus Suite_V
Axivion Bauhaus Suite_V

CertC++-ERR55
CodeSonar
Include Page
CodeSonar_V
CodeSonar_V

LANG.STRUCT.EXCP.THROW

Use of throw

Helix QAC

Include Page
Helix QAC_V
Helix QAC_V

C++4035, C++4036, C++4632


LDRA tool suite
Include Page
LDRA_V
LDRA_V

56 D

Partially implemented

Parasoft C/C++Test
Include Page
Parasoft_V
Parasoft_V
MISRA2008-15_5_2, EXCEPT-14CERT_CPP-ERR55-a
Where a function's declaration includes an exception-specification, the function shall only be capable of throwing exceptions of the indicated type(s)
Polyspace Bug Finder

Include Page
Polyspace Bug Finder_V
Polyspace Bug Finder_V

CERT C++: ERR55-CPPChecks for noexcept functions exiting with exception (rule fully covered)
RuleChecker
Include Page
RuleChecker_V
RuleChecker_V
unhandled-throw-noexcept
Partially checkedPRQA QA-C++4.1 4035, 4036, 4632

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

...