You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 28 Next »

The [[noreturn]] attribute specifies that a function does not return. The C++ Standard, [dcl.attr.noreturn] paragraph 2 [ISO/IEC 14882-2014], states the following:

If a function f is called where f was previously declared with the noreturn attribute and f eventually returns, the behavior is undefined.

A function that specifies [[noreturn]] can prohibit returning by throwing an exception, entering an infinite loop, or calling another function designated with the [[noreturn]] attribute.

Noncompliant Code Example

In this noncompliant code example, if the value 0 is passed, control will flow off the end of the function, resulting in an implicit return and undefined behavior.

#include <cstdlib>
 
[[noreturn]] void f(int i) {
  if (i > 0)
    throw "Received positive input";
  else if (i < 0)
    std::exit(0);
}

Compliant Solution

In this compliant solution, the function does not return on any code path.

#include <cstdlib>
 
[[noreturn]] void f(int i) {
  if (i > 0)
    throw "Received positive input";
  std::exit(0);
}

Risk Assessment

Returning from a function marked [[noreturn]] results in undefined behavior that might be exploited to cause data-integrity violations.

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

MSC53-CPP

Medium

Unlikely

Low

P2

L3

Automated Detection

Tool

Version

Checker

Description

Astrée

22.10

invalid-noreturn
Fully checked
Axivion Bauhaus Suite

7.2.0

CertC++-MSC53
Clang
3.9
-Winvalid-noreturn
Helix QAC

2024.3



Parasoft C/C++test

2023.1

CERT_CPP-MSC53-a

Never return from functions that should not return
RuleChecker
22.10
invalid-noreturn
Fully checked
SonarQube C/C++ Plugin
4.10
S935

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Bibliography

[ISO/IEC 14882-2014]

Subclause 7.6.3, "noreturn Attribute"



  • No labels