Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: REM Cost Reform

...

In this noncompliant code example, a function is declared as nonthrowing, but it is possible for std::vector::resize() to throw an exception when the requested memory cannot be allocated.

Code Block
bgColor#FFcccc
langcpp
#include <cstddef>
#include <vector>
 
void f(std::vector<int> &v, size_t s) noexcept(true) {
  v.resize(s); // May throw 
}

Compliant Solution

In this compliant solution, the function's noexcept-specification is removed, signifying that the function allows all exceptions.

Code Block
bgColor#ccccff
langcpp
#include <cstddef>
#include <vector>

void f(std::vector<int> &v, size_t s) {
  v.resize(s); // May throw, but that is okay
}

Noncompliant Code Example

In this noncompliant code example, the second function claims to throw only Exception1, but it may also throw Exception2.

Code Block
bgColor#FFcccc
langcpp
#include <exception>
 
class Exception1 : public std::exception {};
class Exception2 : public std::exception {};

void foo() {
  throw Exception2{}; // Okay because foo() promises nothing about exceptions
}

void bar() throw (Exception1) {
  foo();    // Bad because foo() can throw Exception2
}

Compliant Solution

This compliant solution catches the exceptions thrown by foo().

Code Block
bgColor#ccccff
langcpp
#include <exception>
 
class Exception1 : public std::exception {};
class Exception2 : public std::exception {};

void foo() {
  throw Exception2{}; // Okay because foo() promises nothing about exceptions
}

void bar() throw (Exception1) {
  try {
    foo();
  } catch (Exception2 e) {
    // Handle error without rethrowing it
  }
}

Compliant Solution

This compliant solution declares a dynamic exception-specification for bar(), which covers all of the exceptions that can be thrown from it.

Code Block
bgColor#ccccff
langcpp
#include <exception>
 
class Exception1 : public std::exception {};
class Exception2 : public std::exception {};

void foo() {
  throw Exception2{}; // Okay because foo() promises nothing about exceptions
}

void bar() throw (Exception1, Exception2) {
  foo();
}

Noncompliant Code Example

In this noncompliant code example, a function is declared as nonthrowing, but it is possible for std::vector::resize() to throw an exception when the requested memory cannot be allocated.

lang
Code Block
bgColor#FFcccc
cpp
#include <cstddef>
#include <vector>
 
void f(std::vector<int> &v, size_t s) noexcept(true) {
  v.resize(s); // May throw 
}

Compliant Solution

In this compliant solution, the function's noexcept-specification is removed, signifying that the function allows all exceptions.

Code Block
bgColor#ccccff
langcpp
#include <cstddef>
#include <vector>

void f(std::vector<int> &v, size_t s) {
  v.resize(s); // May throw, but that is okay
}

Implementation Details

Some vendors provide language extensions for specifying whether or not a function throws. For instance, Microsoft Visual Studio provides __declspec(nothrow)), and Clang supports __attribute__((nothrow)). Currently, the vendors do not document the behavior of specifying a nonthrowing function using these extensions. Throwing from a function declared with one of these language extensions is presumed to be undefined behavior.

...

Throwing unexpected exceptions disrupts control flow and can cause premature termination and denial of service.

Rule

Severity

Likelihood

Detectable

Remediation CostRepairable

Priority

Level

ERR55-CPP

Low

Likely

No

LowYes

P9P6

L2

Automated Detection

Tool

Version

Checker

Description

Astrée

Include Page
Astrée_V
Astrée_V

unhandled-throw-noexcept
Partially checked
Axivion Bauhaus Suite

Include Page
Axivion Bauhaus Suite_V
Axivion Bauhaus Suite_V

CertC++-ERR55
CodeSonar
Include Page
CodeSonar_V
CodeSonar_V

LANG.STRUCT.EXCP.THROW

Use of throw

Helix QAC

Include Page
Helix QAC_V
Helix QAC_V

C++4035, C++4036, C++4632


LDRA tool suite
Include Page
LDRA_V
LDRA_V

56 D

Partially implemented

Parasoft C/C++Test
Include Page
Parasoft_V
Parasoft_V
CERT_CPP-ERR55-a
Where a function's declaration includes an exception-specification, the function shall only be capable of throwing exceptions of the indicated type(s)
Polyspace Bug Finder

Include Page
Polyspace Bug Finder_V
Polyspace Bug Finder_V

CERT PRQA QA- C++: ERR55-CPP
Include Page
PRQA QA-C++_VPRQA QA-C++_VChecks for noexcept functions exiting with exception (rule fully covered)
RuleChecker
Include Page
RuleChecker_V
RuleChecker_V
unhandled-throw-noexcept
Partially checked4035, 4036, 4632

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

...