...
Throwing an exception that cannot be caught results in abnormal program termination and can lead to denial-of-service attacks.
Rule | Severity | Likelihood |
|---|
Detectable | Repairable | Priority | Level |
|---|---|---|---|
ERR58-CPP | Low | Likely | No |
Yes |
P6 | L2 |
Automated Detection
Tool | Version | Checker | Description | ||||||
|---|---|---|---|---|---|---|---|---|---|
| Astrée |
| potentially-throwing-static-initialization | Partially checked | ||||||
| Axivion Bauhaus Suite |
| CertC++-ERR58 | |||||||
| Clang |
| cert-err58-cpp | Checked by clang-tidy | ||||||
| CodeSonar |
| LANG.STRUCT.EXCP.THROW | Use of throw | ||||||
| Helix QAC |
| C++4634, C++4636, C++4637, C++4639 | |||||||
| Parasoft C/C++test |
| CERT_CPP-ERR58-a | Exceptions shall be raised only after start-up and before termination of the program | |||||||
| Polyspace Bug Finder |
| CERT C++: ERR58-CPP | Checks for exceptions raised during program startup (rule fully covered) | ||||||
| RuleChecker |
| potentially-throwing-static-initialization | Partially checked |
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
...
This rule is a subset of ERR50-CPP. Do not abruptly terminate the program
| SEI CERT C++ Coding Standard | DCL57-CPP. Do not let exceptions escape from destructors or deallocation functions ERR55-CPP. Honor exception specifications |
Bibliography
| [ISO/IEC 14882-2014] | Subclause 15.4, "Exception Specifications" |
| [Sutter 2000] | Item 8, "Writing Exception-Safe Code—Part 1" |
...
...