ERR53-CPP. Do not reference base classes or class data members in a constructor or destructor function-try-block handler

When an exception is caught by a function-try-block handler in a constructor, any fully constructed base classes and class members of the object are destroyed prior to entering the handler [ISO/IEC 14882-2014]. Similarly, when an exception is caught by a function-try-block handler in a destructor, all base classes and nonvariant class members of the objects are destroyed prior to entering the handler. Because of this behavior, the C++ Standard, [except.handle], paragraph 10, states the following:

Referring to any non-static member or base class of an object in the handler for a function-try-block of a constructor or destructor for that object results in undefined behavior.

Do not reference base classes or class data members in a constructor or destructor function-try-block handler. Doing so results in undefined behavior.

Noncompliant Code Example

In this noncompliant code example, the constructor for class C handles exceptions with a function-try-block. However, it generates undefined behavior by inspecting its member field str.

#include <string>
 
class C {
  std::string str;
 
public:
  C(const std::string &s) try : str(s) {
    // ...
  } catch (...) {
    if (!str.empty()) {
      // ...
    }
  }
};

Compliant Solution

In this compliant solution, the handler inspects the constructor parameter rather than the class data member, thereby avoiding undefined behavior.

#include <string>

class C {
  std::string str;

public:
  C(const std::string &s) try : str(s) {
    // ...
  } catch (...) {
    if (!s.empty()) {
      // ...
    }
  }
};

Risk Assessment

Accessing nonstatic data in a constructor's exception handler or a destructor's exception handler leads to undefined behavior.

Automated Detection

Related Vulnerabilities

Search for other vulnerabilities resulting from the violation of this rule on the CERT website.

Related Guidelines

Bibliography