You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 35 Next »

The member initializer list for a class constructor allows members to be initialized to specified values and for base class constructors to be called with specific arguments. However, the order in which initialization occurs is fixed and does not depend on the order written in the member initializer list. According to the C++ Standard, [class.base.init], paragraph 11 [ISO/IEC 14882-2014]:

In a non-delegating constructor, initialization proceeds in the following order:
— First, and only for the constructor of the most derived class, virtual base classes are initialized in the order they appear on a depth-first left-to-right traversal of the directed acyclic graph of base classes, where “left-to-right” is the order of appearance of the base classes in the derived class base-specifier-list.
— Then, direct base classes are initialized in declaration order as they appear in the base-specifier-list (regardless of the order of the mem-initializers).
— Then, non-static data members are initialized in the order they were declared in the class definition (again regardless of the order of the mem-initializers).
— Finally, the compound-statement of the constructor body is executed.
[Note: The declaration order is mandated to ensure that base and member subobjects are destroyed in the reverse order of initialization. —end note]

Consequently, the order in which member initializers appear in the member initializer list is irrelevant. The order in which members are initialized, including base class initialization, is determined by the declaration order of the class member variables or the base class specifier list. Writing member initializers other than in canonical order can result in undefined behavior, such as reading uninitialized memory.

Always write member initializers in a constructor in the canonical order: first, direct base classes in the order in which they appear in the base-specifier-list for the class, then nonstatic data members in the order in which they are declared in the class definition.

Noncompliant Code Example

In this noncompliant code example, the member initializer list for C::C() attempts to initialize SomeVal first and then to initialize dependsOnSomeVal to a value dependent on someVal. Because the declaration order of the member variables does not match the member initializer order, attempting to read the value of someVal results in an unspecified value being stored into dependsOnSomeVal.

class C {
  int dependsOnSomeVal;
  int someVal;
 
public:
  C(int val) : someVal(val), dependsOnSomeVal(someVal + 1) {}
};

Compliant Solution

This compliant solution changes the declaration order of the class member variables so that the dependency can be ordered properly in the constructor's member initializer list:

class C {
  int someVal;
  int dependsOnSomeVal;
 
public:
  C(int val) : someVal(val), dependsOnSomeVal(someVal + 1) {}
};

Note that it is reasonable for initializers to depend on previously initialized values.

Noncompliant Code Example

In this noncompliant code example, the derived class, D, attempts to initialize the base class, B1, with a value obtained from the base class, B2. However, because B1 is initialized before B2 due to the declaration order in the base class specifier list, the resulting behavior is undefined.

class B1 {
  int val;
 
public:
  B1(int val) : val(val) {}
};

class B2 {
  int otherVal;
 
public:
  B2(int otherVal) : otherVal(otherVal) {}
  int get_other_val() const { return otherVal; }
};

class D : B1, B2 {
public:
  D(int A) : B2(A), B1(get_other_val()) {}
};

Compliant Solution

This compliant solution initializes both base classes using the same value from the constructor's parameter list instead of relying on the initialization order of the base classes:

class B1 {
  int val;
 
public:
  B1(int val) : val(val) {}
};

class B2 {
  int otherVal;
 
public:
  B2(int otherVal) : otherVal(otherVal) {}
};

class D : B1, B2 {
public:
  D(int A) : B1(A), B2(A) {}
};

Risk Assessment

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

OOP53-CPP

Medium

Unlikely

Medium

P4

L3

Automated Detection

Tool

Version

Checker

Description

PRQA QA-C++

4.4

4053, 4056, 4058

 
Clang3.9-Wreorder 
LDRA tool suite
9.7.1

 

206 S

Fully implemented

Parasoft C/C++test9.5INIT-10 
SonarQube C/C++ Plugin4.10S3229 

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Bibliography

[ISO/IEC 14882-2014]Subclause 12.6.2, "Initializing Bases and Members"
[Lockheed Martin 05]AV Rule 75, Members of the initialization list shall be listed in the order in which they are declared in the class

 


  • No labels