
The C++ Standard, [expr.delete], paragraph 3, states [ISO/IEC 14882-2014]:

In the first alternative (delete object), if the static type of the object to be deleted is different from its dynamic type, the static type shall be a base class of the dynamic type of the object to be deleted and the static type shall have a virtual destructor or the behavior is undefined. In the second alternative (delete array) if the dynamic type of the object to be deleted differs from its static type, the behavior is undefined.

Do not delete an array object through a static pointer type that differs from the dynamic pointer type of the object. Deleting an array through a pointer to the incorrect type results in undefined behavior.

Noncompliant Code Example

In this noncompliant code example, an array of Derived objects is created and the pointer is stored in a Base *. Despite Base::~Base() being declared virtual, this still results in undefined behavior. Further, attempting to perform pointer arithmetic on the static type Base * results in a violation of CTR39-CPP. Do not use pointer arithmetic on polymorphic objects.

struct Base {
  virtual ~Base() = default;
  virtual void f() {}
};

struct Derived final : Base {};

void f() {
   Base *b = new Derived[10];  // static type Base *, dynamic type Derived *
   // ...
   delete [] b;                // undefined behavior: types differ for delete[]
}

Compliant Solution

In this compliant solution, the static type of b is Derived *, which removes the undefined behavior when indexing into the array as well as when deleting the pointer:

struct Base {
  virtual ~Base() = default;
  virtual void f() {}
};

struct Derived final : Base {};

void f() {
   Derived *b = new Derived[10];  // static and dynamic type both Derived *
   // ...
   delete [] b;                   // well defined
}
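The following is an added example, not code from the CERT page. It makes the problem behind both the noncompliant and the compliant code measurable without invoking the undefined behavior: the Derived type is given an extra data member (an assumption made for this example) so that sizeof(Derived) is larger than sizeof(Base), which is exactly why indexing or deleting a Derived array through a Base * walks the wrong stride. It then shows the compliant ownership forms: the array owned and deleted as Derived (raw array, std::unique_ptr<Derived[]>, std::vector<Derived>) with polymorphic use performed per element through a Base &, and, where a heterogeneous collection is really wanted, one object per element owned by std::unique_ptr<Base>. The function names (derived_stride, sum_unique_array, and so on) are this example's own.

```cpp
#include <cstddef>
#include <memory>
#include <vector>

// Assumption for this example: Derived carries an extra member so that
// sizeof(Derived) != sizeof(Base). Base still has a virtual destructor, as on
// the CERT page; that alone does not make delete[] through Base * valid.
struct Base {
  virtual ~Base() = default;
  virtual int f() { return 0; }
};

struct Derived final : Base {
  int extra = 42;  // makes Derived larger than Base
  int f() override { return extra; }
};

// Byte distance between adjacent elements of a Derived array. Computed on
// char pointers into the same array object, so no undefined behavior occurs.
std::size_t derived_stride() {
  Derived arr[2];
  return static_cast<std::size_t>(
      reinterpret_cast<const char *>(&arr[1]) -
      reinterpret_cast<const char *>(&arr[0]));
}

// The stride that pointer arithmetic on a Base * would assume.
std::size_t base_stride() { return sizeof(Base); }

// True on every common ABI: b[1] through a Base * would not land on the
// second Derived element.
bool strides_differ() { return derived_stride() != base_stride(); }

// Polymorphic use of one element through a reference, never through a Base *
// that is then indexed or passed to delete[].
int value_via_base(Base &b) { return b.f(); }

// Compliant: the array is owned and deleted with its dynamic type.
int sum_unique_array(std::size_t n) {
  std::unique_ptr<Derived[]> arr(new Derived[n]);  // delete[] on Derived *
  int total = 0;
  for (std::size_t i = 0; i < n; ++i) total += value_via_base(arr[i]);
  return total;
}

// Compliant and simpler: let the container own the Derived objects.
int sum_vector(std::size_t n) {
  std::vector<Derived> v(n);
  int total = 0;
  for (Derived &d : v) total += value_via_base(d);
  return total;
}

// When a collection of mixed dynamic types is needed, own one object per
// element; each is a single object deleted through the virtual destructor,
// so no array-through-base-pointer problem arises.
int sum_polymorphic(std::size_t n) {
  std::vector<std::unique_ptr<Base>> v;
  for (std::size_t i = 0; i < n; ++i) v.emplace_back(new Derived());
  int total = 0;
  for (auto &p : v) total += p->f();
  return total;
}
```

The stride functions are the diagnostic: whenever strides_differ() is true, an expression such as b[1] on a Base * into a Derived array addresses bytes in the middle of the first element, and delete[] on that pointer hands the allocator a layout it never produced. The three sum_* functions are the forms that keep the static and dynamic types aligned.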

Risk Assessment

Attempting to destruct a polymorphic object that does not have a virtual destructor declared results in undefined behavior. In practice, potential consequences include abnormal program termination and memory leaks.

Rule        Severity   Likelihood   Remediation Cost   Priority   Level
EXP31-CPP   Low        Probable     Low                P6         L2

Automated Detection

Tool   Version   Checker   Description

Related Vulnerabilities

Search for other vulnerabilities resulting from the violation of this rule on the CERT website.

Related Guidelines

Bibliography

[ISO/IEC 14882-2014]   5.3.5, "Delete"
