SEI CERT C++ Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 73

changes.mady.by.user Jill Britton

Saved on

compared with

New Version Current

changes.mady.by.user David Svoboda

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: REM Cost Reform

...

A const or volatile reference type may result in undefined behavior instead of a fatal diagnostic, causing unexpected values to be stored and leading to possible data integrity violations.

Rule

Severity

Likelihood

Detectable

RepairableRemediation Cost

Priority

Level

DCL52-CPP

Low

Unlikely

Yes

YesLow

P3

L3

Automated Detection

0014

Tool

Version

Checker

Description

Axivion Bauhaus Suite

Include Page
Axivion Bauhaus Suite_V
Axivion Bauhaus Suite_V

CertC++-DCL52
Helix QAC

Include Page
Helix QAC_V
Helix QAC_V

C++0014
Klocwork
Include Page
Klocwork_V
Klocwork_V
CERT.DCL.REF_TYPE.CONST_OR_VOLATILE
Parasoft C/C++test

Include Page
Parasoft_V
Parasoft_V

CERT_CPP-DCL52-a

Never qualify a reference type with 'const' or 'volatile'

Polyspace Bug Finder

Include Page
Polyspace Bug Finder_V
Polyspace Bug Finder_V

CERT C++: DCL52-CPP

Checks for:

  • const-qualified reference types
  • Modification of const-qualified reference types

Rule fully covered.

PRQA QA-C++
Include Page
PRQA QA-C++_VPRQA QA-C++_V

Clang
Include Page
Clang_V
Clang_V

 Clang checks for violations of this rule and produces an error without the need to specify any special flags or options.
SonarQube C/C++ Plugin
Include Page
SonarQube C/C++ Plugin_V
SonarQube C/C++ Plugin_V
S3708

...

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Bibliography

[Dewhurst 2002]Gotcha #5, "Misunderstanding References"
[ISO/IEC 14882-2014]Subclause 8.3.2, "References"

...