Comment: Localize CodeSonar crossreferences to C++ scope

The C++ Standard, [expr.delete], paragraph 3 [ISO/IEC 14882-2014], states the following:

In the first alternative (delete object), if the static type of the object to be deleted is different from its dynamic type, the static type shall be a base class of the dynamic type of the object to be deleted and the static type shall have a virtual destructor or the behavior is undefined. In the second alternative (delete array) if the dynamic type of the object to be deleted differs from its static type, the behavior is undefined.

...

In this compliant solution, the static type of b is Derived *, which removes the undefined behavior when indexing into the array as well as when deleting the pointer:

struct Base {
  virtual ~Base() = default;
};

struct Derived final : Base {};

void f() {
  Derived *b = new Derived[10];
  // ...
  delete [] b;
}
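
The following is an added example, not part of the original rule text. It contrasts the two well-defined ways to destroy the objects: single-object delete through owning Base pointers (the first alternative in [expr.delete]) and array delete through the matching static type. The data member, the destructor counter and the function names are assumptions of the example.

```cpp
#include <cstddef>
#include <memory>
#include <vector>

// Assumption of this example: counts Derived destructor calls.
static int derived_destroyed = 0;

struct Base {
  virtual ~Base() = default;
  virtual int id() const { return 0; }
};

struct Derived final : Base {
  int extra = 1;  // added member, so sizeof(Derived) > sizeof(Base)
  ~Derived() override { ++derived_destroyed; }
  int id() const override { return 1; }
};

// A Base* stepping through Derived storage would use the wrong element
// stride, which is why indexing and delete[] through Base* are undefined.
static_assert(sizeof(Derived) > sizeof(Base), "element strides differ");

// Polymorphic handling: every element is its own allocation and is
// destroyed with single-object delete through the virtual destructor.
int destroy_via_owning_pointers(std::size_t n) {
  derived_destroyed = 0;
  int sum = 0;
  {
    std::vector<std::unique_ptr<Base>> objs;
    for (std::size_t i = 0; i < n; ++i)
      objs.push_back(std::make_unique<Derived>());
    for (const auto &p : objs) sum += p->id();  // virtual dispatch works
  }  // each unique_ptr<Base> runs `delete p` on one object
  return sum == static_cast<int>(n) ? derived_destroyed : -1;
}

// Array handling: static type equals dynamic type, as in the solution above.
int destroy_via_matching_array(std::size_t n) {
  derived_destroyed = 0;
  Derived *b = new Derived[n];
  delete[] b;  // array delete with the matching static type
  return derived_destroyed;
}

int main() {
  return (destroy_via_owning_pointers(10) == 10 &&
          destroy_via_matching_array(10) == 10) ? 0 : 1;
}
```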

...

Attempting to destroy an array of polymorphic objects through the incorrect static type is undefined behavior. In practice, potential consequences include abnormal program execution and memory leaks.

| Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
| EXP51-CPP | Low | Unlikely | Medium | P2 | L3 |

Automated Detection

| Tool | Version | Checker | Description |
|---|---|---|---|
| Clang | | -analyzer-checker=cplusplus | Checked with clang -cc1 or (preferably) scan-build |
| CodeSonar | | ALLOC.TM | Type Mismatch |
| Helix QAC | | C++3166 | |
| Klocwork | | CERT.EXPR.DELETE_ARR.BASE_PTR | |
| Parasoft C/C++test | 9.5 | PB-10, CERT_CPP-EXP51-a | Do not treat arrays polymorphically |
| Parasoft Insure++ | | | Runtime detection |
| Polyspace Bug Finder | | CERT C++: EXP51-CPP | Checks for delete operator used to destroy downcast object of different type. |

Related Vulnerabilities

Search for other vulnerabilities resulting from the violation of this rule on the CERT website.

Related Guidelines

Bibliography

[ISO/IEC 14882-2014] Subclause 5.3.5, "Delete"
