This page lists errors identified since the release of the PDF document entitled SEI CERT C++ Coding Standard: Rules for Developing Safe, Reliable, and Secure Systems in C++ (2016 Edition). These corrections were made to the SEI CERT C++ Coding Standard wiki, which is the most current source for this standard's information. The focus of each correction is highlighted in red below in the Before and After columns. Additions made since the standard was published are not included unless they correct a defect that was in the publication.

Location | Before (with error) | After (with correction) | Rationale

Location: p. 9, Section 1.5
Before:
Except where noted, the contents of the CERT C Coding Standard apply equally to code written in C++. Content from the CERT C Coding Standard that apply to the CERT C++ Coding Standard are described in each related chapter of the C++ standard.

The following guidelines from the CERT C Coding Standard do not apply to the CERT C++ Secure Coding Standard:
After:
Rules from the CERT C Coding Standard that apply to the CERT C++ Coding Standard are described in each related chapter of the C++ standard. The POSIX (POS) and Microsoft Windows (WIN) rules from the CERT C Coding Standard have not been reviewed for applicability to code written in C++ for those platforms.

Recommendations from the CERT C Coding Standard have not been reviewed for applicability to code written in C++.

The following rules from the CERT C Coding Standard have been reviewed and do not apply to the CERT C++ Secure Coding Standard:
Rationale: Added more specificity about which parts of the CERT C Coding Standard have been reviewed for applicability. Removed the general statement about "Except where noted...". Added specificity about recommendations and rules.

Location: p. 17, Section 1.13.1.2
Before: Aaron Ballman, Lori Flynn, Will Klieber, Robert Schiela, Will Snavely, and David Svoboda
After: Lori Flynn, Will Klieber, Robert Schiela, and David Svoboda
Rationale: Updated personnel

Location: p. 149, Section 3.14.1
Before:
    void g(std::string &&v) {
After:
    void g(std::string v) {
Rationale: The rvalue reference "&&" was incorrect

Location: p. 150, Section 3.14.2
Before:
    void g(std::string &&v) {
After:
    void g(std::string v) {
Rationale: The rvalue reference "&&" was incorrect

Location: p. 247, Section 7.5.6
Before:
To verify that the assumption is, in fact, safe, the compliant solution also overloads the placement new[] operator to accept the buffer size as a third argument and verifies that it is at least as large as the total amount of storage required.
After:
To verify that the assumption is, in fact, safe, the compliant solution also overloads the placement new[] operator to accept the buffer size as a third argument and verifies that it is not smaller than the total amount of storage required.
Rationale: Corrected the inequality.

Location: p. 247, Section 7.5.6
Before:
    void *operator new[](size_t n, void *p, size_t bufsize) {
      if (n <= bufsize) {
After:
    void *operator new[](size_t n, void *p, size_t bufsize) {
      if (n > bufsize) {
Rationale: Corrected the inequality.

Location: p. 247, Section 7.5.6
Before:
    void f() {
      const size_t n = 32;
      alignas(S) unsigned char buffer[sizeof(S) * n + overhead];
      S *sp = new (buffer, sizeof(buffer)) S[n];
After:
    void f() {
      const size_t n = 32;
      alignas(S) unsigned char buffer[sizeof(S) * n + overhead];
      S *sp = ::new (buffer, sizeof(buffer)) S[n];
Rationale: Explicitly use the global new operator

Location: p. 312, Section 10.5.3
Before:
    T& operator=(const T &rhs) noexcept {
After:
    T& operator=(T rhs) noexcept {
Rationale: Passes by value rather than const reference, for code correctness.

Location: p. 312, Section 10.5.3
After: Insert new section "Compliant Solution (Move and Swap)"
Rationale: Demonstrates how to handle self-copy-assignment with move operators

Location: p. 320, Section 10.1
Before:
Virtual functions allow for static dispatch of member function calls at runtime based on the dynamic type of the object that the member function is being called on.
After:
Virtual functions allow for the choice of member function calls to be determined at run time based on the dynamic type of the object that the member function is being called on.
Rationale: Sentence is now clearer.

Location: p. 334, Section 10.3
Before: Section 10.3.4 is 'Risk Assessment'
After: New section inserted, Exceptions, with a new exception OOP52-CPP:EX0. (See OOP52-CPP for section contents)
Rationale: The exception was deemed necessary to permit safe code that violated the letter of the rule.

Location: p. 339, Section 10.4.5
Before: Section 10.4.5 is 'Risk Assessment'
After: New section inserted, Exceptions, with a new exception OOP53-CPP:EX0. (See OOP53-CPP for section contents)
Rationale: The exception was deemed necessary to permit safe code that violated the letter of the rule.

Location: p. 343, Section 10.5.4
Before: Section 10.5.4 is 'Risk Assessment'
After: New section inserted, Compliant Solution (Move and Swap).
Rationale: An alternative optimized solution that uses std::move()

Location: p. 363, Section 10.9.5
Before: Section 10.9.5 is 'Risk Assessment'
After: New section inserted, Exceptions, with a new exception OOP58-CPP:EX0. (See OOP58-CPP for section contents)
Rationale: The exception was deemed necessary to permit safe code that might have violated the letter of the rule.
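
The three corrections to Section 7.5.6 (p. 247) fit together as shown below. This is an added example, not code from the standard: the sample type S, the names last_request, count and build_in, and the overhead value (which assumes the array cookie used by GCC and Clang under the Itanium C++ ABI) are assumptions made for illustration.

```cpp
#include <cstddef>
#include <new>

// Assumption: Itanium C++ ABI (GCC, Clang), where new[] of a type with a
// non-trivial destructor stores an element-count cookie of this size.
constexpr std::size_t overhead = sizeof(std::size_t);

struct S {                 // constructed sample type
  std::size_t id;
  S() : id(7) {}
  ~S() {}                  // non-trivial destructor, so a cookie is requested
};

static std::size_t last_request = 0;  // n seen by the overload, for inspection

// Checked placement new[]: n is the total storage the new-expression needs,
// cookie included. The erratum's "before" test (n <= bufsize) was inverted.
void *operator new[](std::size_t n, void *p, std::size_t bufsize) {
  last_request = n;
  if (n > bufsize) {
    throw std::bad_array_new_length();
  }
  return p;
}

constexpr std::size_t count = 32;
alignas(S) unsigned char buffer[sizeof(S) * count + overhead];

// Tries to build S[count] while claiming only `claimed` bytes of buffer.
// Returns true when the array was constructed, false when the check refused.
bool build_in(std::size_t claimed) {
  try {
    // ::new selects the global overload even if S declared its own new[].
    S *sp = ::new (buffer, claimed) S[count];
    bool ok = sp[0].id == 7 && sp[count - 1].id == 7;
    for (std::size_t i = 0; i != count; ++i) {
      sp[i].~S();          // placement arrays are destroyed element by element
    }
    return ok;
  } catch (const std::bad_array_new_length &) {
    return false;
  }
}
```

A buffer of exactly sizeof(S) * count bytes is refused here because the request also covers the cookie, which is why the buffer declaration adds overhead.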