...
Note that the behavior of a program that calls exit() from an atexit handler is undefined. (See undefined behavior 182 187 in Annex J of the C Standard. See also ENV32-C. All exit handlers must return normally.)
...
The following table summarizes the exit behavior of the program termination functions.
Function | Closes | Flushes | Removes | Calls | Program |
|---|---|---|---|---|---|
|
|
|
|
| |
|
|
|
|
| |
|
|
|
|
| |
Return from |
|
|
|
|
Table legend:
– Yes. The specified action is performed.
– No. The specified action is not performed.
– Implementation-defined. Whether the specified action is performed depends on the implementation.
...
As an example, using abort() or _Exit() in place of exit() may leave written files in an inconsistent state and may also leave sensitive temporary files on the file system.
Recommendation | Severity | Likelihood | Detectable |
|---|
Repairable | Priority | Level | |
|---|---|---|---|
ERR04-C | Medium | Probable | No |
No | P4 | L3 |
Automated Detection
Tool | Version | Checker | Description |
|---|---|---|---|
| Parasoft C/C++test |
| CERT_C-ERR04-a | The 'abort()' function from the 'stdlib.h' or 'cstdlib' library shall not be used | |||||||
| PC-lint Plus |
| 586 | Fully supported | ||||||
| Security Reviewer - Static Reviewer |
| C31 | Fully implemented |
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Related Guidelines
| SEI CERT C++ Coding Standard | VOID ERR04-CPP. Choose an appropriate termination strategy |
| CERT Oracle Secure Coding Standard for Java | FIO14-J. Perform proper cleanup at program termination |
| ISO/IEC TR 24772:2013 | Termination Strategy [REU] |
| MITRE CWE | CWE-705, Incorrect control flow scoping |
Bibliography
| [IEEE Std 1003.1:2013] | XSH, System Interfaces, exit |
| [ISO/IEC 9899:2011] | Subclause 5.1.2.2.3, "Program Termination" Subclause 7.22.4, "Communication with the Environment" |
...