SEI CERT C++ Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 42

changes.mady.by.user Jon O'Donnell

Saved on

compared with

New Version Current

changes.mady.by.user Amy Gale

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Added new CodeSonar warning classes

...

If no matching handler is found, the function std::terminate() is called; whether or not the stack is unwound before this call to std::terminate() is implementation-defined.

The default terminate handler called by std::terminate() calls std::abort(), which abnormally terminates the process. When std::abort() is called, or if the implementation does not unwind the stack prior to calling std::terminate(), destructors for objects may not be called and external resources can be left in an indeterminate state. Abnormal process termination is the typical vector for denial-of-service attacks. For more information on implicitly calling std::terminate(), see ERR50-CPP. Do not abruptly terminate the program.

...

Allowing the application to abnormally terminate can lead to resources not being freed, closed, and so on. It is frequently a vector for denial-of-service attacks.

Rule

Severity

Likelihood

Detectable

RepairableRemediation Cost

Priority

Level

ERR51-CPP

Low

Probable

Yes

MediumYes

P4 P6

L3 L2

Automated Detection

Unreachable Catch 

Tool

Version

Checker

Description

Astrée

Include Page
Astrée_V
Astrée_V

main-function-catch-all
early-catch-all		Partially checked
Axivion Bauhaus Suite

Include Page
Axivion Bauhaus Suite_V
Axivion Bauhaus Suite_V

CertC++-ERR51
CodeSonar
Include Page
CodeSonar_V
CodeSonar_V

LANG.STRUCT.UCTCH


PARSE.MBDH

Masked by handler
Masked by default handler

Helix QAC

Include Page
Helix QAC_V
Helix QAC_V

C++4035, C++4036, C++4037


Klocwork
Include Page
Klocwork_V
Klocwork_V

MISRA.CATCH.ALL


LDRA tool suite
Include Page
LDRA_V
LDRA_V

527 S

Partially implemented

Parasoft C/C++test
Include Page
Parasoft_V
Parasoft_V

CERT_CPP-ERR51-a
CERT_CPP-ERR51-b

Always catch exceptions
Each exception explicitly thrown in the code shall have a handler of a compatible type in all call paths that could lead to that point

Polyspace Bug Finder

Include Page
Polyspace Bug Finder_V
Polyspace Bug Finder_V

CERT C++: ERR51-CPPChecks for unhandled exceptions (rule partially covered) PRQA QA-C++
Include Page
PRQA QA-C++_VPRQA QA-C++_V4035, 4036, 4037
RuleChecker
Include Page
RuleChecker_V
RuleChecker_V
main-function-catch-all
early-catch-all
Partially checked
Security Reviewer - Static Reviewer

Include Page
Security Reviewer - Static Reviewer_V
Security Reviewer - Static Reviewer_V

C35Fully implemented

Related Vulnerabilities

Search for other vulnerabilities resulting from the violation of this rule on the CERT website.

...