SEI CERT C++ Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 78

changes.mady.by.user Michal Rozenau

Saved on

compared with

New Version Current

changes.mady.by.user Jill Britton

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Do not explicitly or implicitly call std::quick_exit(),  std::abort(), or std::_Exit(). When the default terminate_handler is installed or the current terminate_handler responds by calling std::abort() or std::_Exit(), do not explicitly or implicitly call std::terminate()Abnormal process termination is the typical vector for denial-of-service attacks.

The std::exit() function is more complex. The C++ Standard, [basic.start.main], paragraph 4, states:

Terminating the program without leaving the current block (e.g., by calling the function std::exit(int) (17.5)) does not destroy any objects with automatic storage duration (11.4.6). If std::exit is called to end a program during the destruction of an object with static or thread storage duration, the program has undefined behavior.

You may call It is acceptable to call a termination function that safely executes destructors and properly cleans up resources, such as std::exit() only in a program that has not yet initialized any objects with automatic storage duration.

Noncompliant Code Example

...

5014

Tool

Version

Checker

Description

Astrée

Include Page
Astrée_V
Astrée_V

stdlib-use
Partially checked
CodeSonar
Include Page
CodeSonar_V
CodeSonar_V

BADFUNC.ABORT
BADFUNC.EXIT

Use of abort
Use of exit

Helix QAC

Include Page
Helix QAC_V
Helix QAC_V

C++5014
Klocwork
Include Page
Klocwork_V
Klocwork_V
MISRA.TERMINATE
CERT.CATCHERR.ALLABRUPT_TERM
LDRA tool suite
Include Page
LDRA_V
LDRA_V

122 S

Enhanced Enforcement

Parasoft C/C++test

Include Page
Parasoft_V
Parasoft_V

CERT_CPP-ERR50-a
CERT_CPP-ERR50-b
CERT_CPP-ERR50-c
CERT_CPP-ERR50-d
CERT_CPP-ERR50-e
CERT_CPP-ERR50-f
CERT_CPP-ERR50-g
CERT_CPP-ERR50-h
CERT_CPP-ERR50-i
CERT_CPP-ERR50-j
CERT_CPP-ERR50-k
CERT_CPP-ERR50-l
CERT_CPP-ERR50-m
CERT_CPP-ERR50-n

The execution of a function registered with 'std::atexit()' or 'std::at_quick_exit()' should not exit via an exception
Never allow an exception to be thrown from a destructor, deallocation, and swap
Do not throw from within destructor
There should be at least one exception handler to catch all otherwise unhandled exceptions
An empty throw (throw;) shall only be used in the compound-statement of a catch handler
Exceptions shall be raised only after start-up and before termination of the program
Each exception explicitly thrown in the code shall have a handler of a compatible type in all call paths that could lead to that point
Where a function's declaration includes an exception-specification, the function shall only be capable of throwing exceptions of the indicated type(s)
Function called in global or namespace scope shall not throw unhandled exceptions
Always catch exceptions
Properly define exit handlers
The library functions 'abort()', ' function from the 'stdlib.h' or 'cstdlib' library shall not be used
Avoid throwing exceptions from functions that are declared not to throw
The 'quick_exit()' and '_Exit()' functions from the 'stdlib.h' or 'cstdlib' library shall not be used
Avoid throwing exceptions from functions that are declared not to throw

Polyspace Bug Finder

Include Page
Polyspace Bug Finder_V
Polyspace Bug Finder_V

CERT C++: ERR50-CPPChecks for implicit call to terminate() function (rule partially covered)
PVS-Studio

Include Page
PVS-Studio_V
PVS-Studio_V

V667, V2014
RuleChecker
Include Page
RuleChecker_V
RuleChecker_V
stdlib-use
Partially checkedPRQA QA-C++
Include Page
PRQA QA-C++_VPRQA QA-C++_V
SonarQube C/C++ Plugin
Include Page
SonarQube C/C++ Plugin_V
SonarQube C/C++ Plugin_V
S990

...