SEI CERT C++ Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 8

changes.mady.by.user Will Snavely

Saved on

compared with

New Version Current

changes.mady.by.user David Svoboda

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: REM cost reform

The [[noreturn]] attribute specifies that a function does not return. The C++ Standard, [dcl.attr.noreturn] paragraph 2 [ISO/IEC 14882-2014], states the following:

If a function f is called where f was previously declared with the noreturn attribute and f eventually returns, the behavior is undefined.

A function that specifies [[noreturn]] can prohibit returning by throwing an exception, entering an infinite loop, or calling another function designated with the [[noreturn]] attribute.

Noncompliant Code Example

In this noncompliant code example, if the value 0 is passed, control will flow off the end of the function, resulting in an implicit return and undefined behavior:.

Code Block
bgColor#FFcccc
langcpp
#include <cstdlib>
 
[[noreturn]] void f(int i) {
  if (i > 0)
    throw "Received positive input";
  else if (i < 0)
    std::exit(0);
}

Compliant Solution

In this compliant solution, the function does not return on any code path:.

Code Block
bgColor#ccccff
langcpp
#include <cstdlib>
 
[[noreturn]] void f(int i) {
  if (i > 0)
    throw "Received positive input";
  std::exit(0);
}

Risk Assessment

Returning from a function marked [[noreturn]] results in undefined behavior that might be exploited to cause data-integrity violations.

Rule

Severity

Likelihood

Detectable

Remediation Cost

Repairable

Priority

Level

MSC55

MSC53-CPP

Medium

Unlikely

Low

Yes

No

P2

P4

L3

Automated Detection

Tool

Version

Checker

Description

Astrée

Include Page
Astrée_V
Astrée_V

invalid-noreturn
Fully checked
Axivion Bauhaus Suite

Include Page
Axivion Bauhaus Suite_V
Axivion Bauhaus Suite_V

CertC++-MSC53
Clang
Include Page
Clang_V
Clang_V
-Winvalid-noreturn
CodeSonar
Include Page
CodeSonar_V
CodeSonar_V

LANG.STRUCT.RFNR

Return from noreturn

Helix QAC

Include Page
Helix QAC_V
Helix QAC_V

DF2886
Klocwork
Include Page
Klocwork_V
Klocwork_V
CERT.MSC.NORETURN_FUNC_RETURNS
Parasoft C/C++test

Include Page
Parasoft_V
Parasoft_V

CERT_CPP-MSC53-a

Never return from functions that should not return
Polyspace Bug Finder

Include Page
Polyspace Bug Finder_V
Polyspace Bug Finder_V

CERT C++: MSC53-CPPChecks for [[noreturn
 
]] functions returning to caller (rule fully covered)
PVS-Studio

Include Page
PVS-Studio_V
PVS-Studio_V

V1082
RuleChecker
Include Page
RuleChecker_V
RuleChecker_V
invalid-noreturn
Fully checked
SonarQube C/C++ Plugin
Include Page
SonarQube C/C++ Plugin_V
SonarQube C/C++ Plugin_V
S935

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Related Guidelines

  

Bibliography

[ISO/IEC 14882-2014]

Subclause 7.6.3, "

Noreturn

noreturn Attribute"

...


...

Image Modified Image Modified Image Modified