Page History

...

In this noncompliant code example, a function is declared as nonthrowing, but it is possible for std::vector::resize() to throw an exception when the requested memory cannot be allocated.

#include <cstddef>
#include <vector>
 
void f(std::vector<int> &v, size_t s) noexcept(true) {
  v.resize(s); // May throw 
}

Compliant Solution

In this compliant solution, the function's noexcept-specification is removed, signifying that the function allows all exceptions.

#include <cstddef>
#include <vector>

void f(std::vector<int> &v, size_t s) {
  v.resize(s); // May throw, but that is okay
}

Noncompliant Code Example

In this noncompliant code example, the second function claims to throw only Exception1, but it may also throw Exception2.

#include <exception>
 
class Exception1 : public std::exception {};
class Exception2 : public std::exception {};

void foo() {
  throw Exception2{}; // Okay because foo() promises nothing about exceptions
}

void bar() throw (Exception1) {
  foo();    // Bad because foo() can throw Exception2
}

Compliant Solution

This compliant solution catches the exceptions thrown by foo().

#include <exception>
 
class Exception1 : public std::exception {};
class Exception2 : public std::exception {};

void foo() {
  throw Exception2{}; // Okay because foo() promises nothing about exceptions
}

void bar() throw (Exception1) {
  try {
    foo();
  } catch (Exception2 e) {
    // Handle error without rethrowing it
  }
}

Compliant Solution

This compliant solution declares a dynamic exception-specification for bar(), which covers all of the exceptions that can be thrown from it.

#include <exception>
 
class Exception1 : public std::exception {};
class Exception2 : public std::exception {};

void foo() {
  throw Exception2{}; // Okay because foo() promises nothing about exceptions
}

void bar() throw (Exception1, Exception2) {
  foo();
}

Noncompliant Code Example

In this noncompliant code example, a function is declared as nonthrowing, but it is possible for std::vector::resize() to throw an exception when the requested memory cannot be allocated.

#include <cstddef>
#include <vector>
 
void f(std::vector<int> &v, size_t s) noexcept(true) {
  v.resize(s); // May throw 
}

Compliant Solution

In this compliant solution, the function's noexcept-specification is removed, signifying that the function allows all exceptions.

#include <cstddef>
#include <vector>

void f(std::vector<int> &v, size_t s) {
  v.resize(s); // May throw, but that is okay
}

Implementation Details

Some vendors provide language extensions for specifying whether or not a function throws. For instance, Microsoft Visual Studio provides __declspec(nothrow)), and Clang supports __attribute__((nothrow)). Currently, the vendors do not document the behavior of specifying a nonthrowing function using these extensions. Throwing from a function declared with one of these language extensions is presumed to be undefined behavior.

...

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

...