...
Failing to properly construct or destroy an object leaves its internal state inconsistent, which can result in undefined behavior and accidental information exposure.
Rule | Severity | Likelihood | Detectable | RepairableRemediation Cost | Priority | Level |
|---|---|---|---|---|---|---|
MEM53-CPP | High | Likely | No | NoMedium | P18P9 | L1L2 |
Automated Detection
Tool | Version | Checker | Description | ||||||
|---|---|---|---|---|---|---|---|---|---|
| Helix QAC |
| DF4761, DF4762, DF4766, DF4767 | |||||||
| Klocwork |
| CERT.MEM.OBJ_LIFETIME_CTOR | |||||||
| Parasoft C/C++test |
| CERT_CPP-MEM53-a | Do not invoke malloc/realloc for objects having constructors | ||||||
| Polyspace Bug Finder |
| CERT C++: MEM53-CPP | Checks for objects allocated but not initialized (rule fully covered). | ||||||
| PVS-Studio |
| V630, V749 | |||||||
| Security Reviewer - Static Reviewer | 6.02 | CPP_28 CPP_29 | Fully implemented |
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
...