The [[noreturn]] attribute specifies that a function does not return. The C++ Standard, [dcl.attr.noreturn] paragraph 2 [ISO/IEC 14882-2014], states the following:
If a function f is called where f was previously declared with the noreturn attribute and f eventually returns, the behavior is undefined.
A function that specifies [[noreturn]] can prohibit returning by throwing an exception, entering an infinite loop, or calling another function designated with the [[noreturn]] attribute.
In this noncompliant code example, if the value 0 is passed, control will flow off the end of the function, resulting in an implicit return and undefined behavior.
```cpp
#include <cstdlib>

[[noreturn]] void f(int i) {
  if (i > 0)
    throw "Received positive input";
  else if (i < 0)
    std::exit(0);
  // i == 0 matches neither branch: control flows off the end (implicit return)
}
```
In this compliant solution, the function does not return on any code path.
```cpp
#include <cstdlib>

[[noreturn]] void f(int i) {
  if (i > 0)
    throw "Received positive input";
  std::exit(0);  // reached for every i <= 0, so no path returns
}
```
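The same rule applies when a [[noreturn]] function delegates to code that is not itself [[noreturn]]. The following is an added example, not part of the original rule text: a failure routine calls a caller-supplied hook that may return normally, and an unconditional throw after the call keeps every path from returning. The names FatalError, Handler, fail, and outcome are hypothetical.

```cpp
#include <cstdlib>
#include <functional>
#include <stdexcept>
#include <string>

// Hypothetical names for this added example: FatalError, Handler, fail, outcome.
struct FatalError : std::runtime_error {
  using std::runtime_error::runtime_error;
};

// A caller-supplied hook is an ordinary callable: nothing stops it from returning.
using Handler = std::function<void(const std::string&)>;

// Every path ends in a throw, so control never reaches the closing brace.
[[noreturn]] void fail(const Handler& on_fail, const std::string& msg) {
  if (on_fail) {
    on_fail(msg);         // may throw its own exception, or simply return
  }
  throw FatalError(msg);  // backstop for an empty hook or a hook that returned
}

// Reports how fail() was left: through the hook's exception or the backstop.
std::string outcome(const Handler& on_fail) {
  try {
    fail(on_fail, "invariant violated");
  } catch (const FatalError& e) {
    return std::string("backstop: ") + e.what();
  } catch (const std::exception& e) {
    return std::string("hook: ") + e.what();
  }
}

int main() {
  bool logged = false;
  Handler logging_hook = [&](const std::string&) { logged = true; };
  Handler throwing_hook = [](const std::string&) { throw std::logic_error("custom"); };
  const bool ok = outcome(nullptr) == "backstop: invariant violated" &&
                  outcome(logging_hook) == "backstop: invariant violated" &&
                  logged &&
                  outcome(throwing_hook) == "hook: custom";
  return ok ? EXIT_SUCCESS : EXIT_FAILURE;
}
```

Removing the final throw from fail() recreates the noncompliant case for any hook that returns.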
Returning from a function marked [[noreturn]] results in undefined behavior that might be exploited to cause data-integrity violations.
| Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
| MSC53-CPP | Medium | Unlikely | Low | P2 | L3 |
| Tool | Version | Checker | Description |
|---|---|---|---|
| Astrée | | invalid-noreturn | Fully checked |
| Axivion Bauhaus Suite | | CertC++-MSC53 | |
| Clang | | -Winvalid-noreturn | |
| Helix QAC | | C++2886 | |
| Klocwork | | CERT.MSC.NORETURN_FUNC_RETURNS | |
| Parasoft C/C++test | | CERT_CPP-MSC53-a | Never return from functions that should not return |
| Polyspace Bug Finder | | CERT C++: MSC53-CPP | Checks for [[noreturn]] functions returning to caller |
| RuleChecker | | invalid-noreturn | Fully checked |
| SonarQube C/C++ Plugin | | S935 | |
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
| [ISO/IEC 14882-2014] | Subclause 7.6.3, " |