...
Further, the C++ Standard, [expr.mptr.oper], paragraph 6, in part, states the following:
If the second operand is the null pointer to member value, the behavior is undefined.
Do not use a pointer-to-member expression where the dynamic type of the first operand does not contain the member to which the second operand refers, including the use of a null pointer-to-member value as the second operand.
...
Risk Assessment
Rule | Severity | Likelihood | Detectable | RepairableRemediation Cost | Priority | Level |
|---|---|---|---|---|---|---|
OOP55-CPP | High | Probable | No | NoHigh | P6 | L2 |
Automated Detection
Tool | Version | Checker | Description | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Astrée |
| overflow_upon_dereference invalid_function_pointer | ||||||||||||
| Axivion Bauhaus Suite |
| CertC++-OOP55 | ||||||||||||
| CodeSonar |
| LANG.MEM.UVAR | Uninitialized Variable | |||||||||||
| Helix QAC |
| DF2810, DF2811, DF2812, DF2813, DF2814 | ||||||||||||
| Klocwork |
| CERT.OOP.PTR_MEMBER.NO_MEMBER | ||||||||||||
| Parasoft C/C++test |
| CERT_CPP-OOP55-a | A cast shall not convert a pointer to a function to any other pointer type, including a pointer to function type | |||||||||||
| Parasoft Insure++ | Runtime detection | |||||||||||||
| Polyspace Bug Finder |
| CERT C++: OOP55-CPP | Checks for pointers to member accessing non-existent class members (rule fully covered). | PRQA QA-C++ | | Include Page | | PRQA QA-C++_V | PRQA QA-C++_V | 2810, 2811, 2812, 2813, 2814
Related Vulnerabilities
Search for other vulnerabilities resulting from the violation of this rule on the CERT website.
...