...
In either case, f()
must be the final overrider, guaranteeing consistent behavior of the function being called.
Risk Assessment
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
---|---|---|---|---|---|
OOP50-CPP | Low | Unlikely | Medium | P2 | L3 |
Automated Detection
Tool | Version | Checker | Description | ||||||
---|---|---|---|---|---|---|---|---|---|
LDRA tool suite |
| 467 S, 92 D | Fully implemented | ||||||
Parasoft C/C++test |
|
|
| OOP-16 |
PRQA QA-C++ |
| 4260, 4261, 4273, 4274, |
Clang |
| clang-analyzer-alpha.cplusplus.VirtualCall | Checked by clang-tidy | ||||||
SonarQube C/C++ Plugin |
| S1699 |
Related Vulnerabilities
Search for other vulnerabilities resulting from the violation of this rule on the CERT website.
Bibliography
[Dewhurst 2002] | Gotcha #75, "Calling Virtual Functions in Constructors and Destructors" |
[ISO/IEC 14882-2014] | Subclause 5.5, "Pointer-to-Member Operators" |
[Lockheed Martin 2005] | AV Rule 71.1, "A class' |
s virtual functions shall not be invoked from its destructor or any of its constructors" | |
[Sutter 2004] | Item 49, "Avoid Calling Virtual Functions in Constructors and Destructors" |
...
...