SEI CERT C++ Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 15

changes.mady.by.user Justin Pincar

Saved on

compared with

New Version 16

changes.mady.by.user Justin Pincar

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Edited by NavBot (jp)

...

Some template metaprogramming techniques that employ ""substitution failure is not an error" " (SFINAE) use variadic functions to implement compile-time type queries, as in:

Code Block
typedef char True;
typedef struct { char a[2]; } False;

template &amp;lt;typename T&amp;gt;<typename T>
True isPtr(T *);

False isPtr(...);

#define is_ptr(e) (sizeof(isPtr(e)) == sizeof(True))

...

Code Block
bgColor#FFCCCC
#include &amp;lt;cstdarg&amp;gt;<cstdarg>

char *concatenate(char const *s, ...)
    {
    // code to actually concatenate the strings
    }

char *separator = /* some reasonable value */;

char *t = concatenate(&amp;quot;hello&amp;quot;"hello", separator, &amp;quot;world&amp;quot;"world", NULL);

Calling this function without the trailing null pointer, or with an argument of any type other than &quot;"pointer to possibly-CV-qualified char&quot; " yields undefined behavior:

Code Block
bgColor#FFCCCC
char *u = concatenate(&amp;quot;hello&amp;quot;"hello", separator, &amp;quot;world&amp;quot;"world"); // undefined behavior

char *v = concatenate(&amp;quot;hello&amp;quot;"hello", ' ', &amp;quot;world&amp;quot;"world", NULL); // undefined behavior

...

Code Block
bgColor#ccccff
#include &amp;lt;string&amp;gt;<string>

string separator = /* some reasonable value */;

string s = &amp;quot;hello&amp;quot;"hello" + separator + &amp;quot;world&amp;quot;"world";

Risk Assessment

Incorrectly using a variadic function can result in abnormal program termination, unintended information disclosure, or execution of arbitrary code.

...