SEI CERT C++ Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 80

changes.mady.by.user David Svoboda

Saved on

compared with

New Version Current

changes.mady.by.user David Svoboda

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: REM Cost Reform

...

Code Block
bgColor#FFcccc
langcpp
#include <new>
 
struct S { S(const S &) noexcept; /* ... */ }; // Has nonthrowing copy constructor
 
class T {
  int n;
  S *s1;
 
public:
  T(const T &rhs) : n(rhs.n), s1(rhs.s1 ? new S(*rhs.s1) : nullptr) {}
  ~T() { delete s1; }
 
  // ...
 
  T& operator=(const T &rhs) {
    n = rhs.n;
    delete s1;
    s1 = new S(*rhs.s1);
    return *this;
  }
};

...

Code Block
bgColor#ccccff
langcpp
#include <new>
 
struct S { S(const S &) noexcept; /* ... */ }; // Has nonthrowing copy constructor
 
class T {
  int n;
  S *s1;
 
public:
  T(const T &rhs) : n(rhs.n), s1(rhs.s1 ? new S(*rhs.s1) : nullptr) {}
  ~T() { delete s1; }

  // ...
 
  T& operator=(const T &rhs) {
    if (this != &rhs) {
      n = rhs.n;
      delete s1;
      try {
        s1 = new S(*rhs.s1);
      } catch (std::bad_alloc &) {
        s1 = nullptr; // For basic exception guarantees
        throw;
      }
    }
    return *this;
  }
};

...

Code Block
bgColor#ccccff
langcpp
#include <new>
#include <utility>
 
struct S { S(const S &) noexcept; /* ... */ }; // Has nonthrowing copy constructor
 
class T {
  int n;
  S *s1;
 
public:
  T(const T &rhs) : n(rhs.n), s1(rhs.s1 ? new S(*rhs.s1) : nullptr) {}
  ~T() { delete s1; }

  // ...
 
  void swap(T &rhs) noexcept {
    using std::swap;
    swap(n, rhs.n);
    swap(s1, rhs.s1);
  }
 
  T& operator=(const T &rhs) noexcept {
    T(rhs).swap(*this);
    return *this;
  }
};

...

Code Block
bgColor#ccccff
langcpp
  T(T &&rhs) { *this = std::move(rhs); }

  // ... everything except operator= ..

  T& operator=(T &&rhs) noexcept {
    using std::swap;
    swap(n, rhs.n);
    swap(s1, rhs.s1);
    return *this;
  }
  T& operator=(const T &rhs) {
    T temp(rhs);
    *this = std::move(temp);
    return *this;
  }

The copy assignment operator uses std::move() rather than swap() to achieve safe self-assignment and a strong exception guarantee. The move assignment operator uses a move (via the method parameter) and swap.

...

Allowing a copy assignment operator to corrupt an object could lead to undefined behavior.

Rule

Severity

Likelihood

Detectable

Remediation CostRepairable

Priority

Level

OOP54-CPP

Low

Probable

Yes

HighNo

P2P4

L3

Automated Detection

4072, 4073, 4075, 4076

Tool

Version

Checker

Description

Astrée

Include Page
Astrée_V
Astrée_V

dangling_pointer_use

Clang
9.0 (r361550)
cert-oop54-cppChecked by clang-tidy.
CodeSonar
Include Page
CodeSonar_V
CodeSonar_V

IO.DC
ALLOC.DF
ALLOC.LEAK
LANG.MEM.NPD
LANG.STRUCT.RC
IO.UAC
ALLOC.UAF

Double Close
Double Free
Leak
Null Pointer Dereference
Redundant Condition
Use After Close
Use After Free

Helix QAC

Include Page
Helix QAC_V
Helix QAC_V

C++4072, C++4073, C++4075, C++4076


Klocwork
Include Page
Klocwork_V
Klocwork_V
CL.SELF-ASSIGN
Parasoft C/C++test
Include Page
Parasoft_V
Parasoft_V

CERT_CPP-OOP54-a

Check for assignment to self in operator=User-provided copy assignment operators shall handle self-assignment
Polyspace Bug Finder

Include Page
Polyspace Bug Finder_V
Polyspace Bug Finder_V

CERT C++: OOP54-CPPChecks for copy assignment operators where self-assignment is not tested (rule partially covered)PRQA QA-C++
Include Page
PRQA QA-C++_VPRQA QA-C++_V

Related Vulnerabilities

Search for other vulnerabilities resulting from the violation of this rule on the CERT website.

...