CERT C++: EXP59-CPP

Use offsetof() on valid types and members

expand all in page

Description

Rule Definition

Use offsetof() on valid types and members.¹

Polyspace Implementation

The rule checker checks for Incorrect use of offsetof in C++.

Examples

expand all

Incorrect use of offsetof in C++

Issue

This defect occurs when you pass arguments to the offsetof macro for which the behavior of the macro is not defined.

The offsetof macro:

offsetof(classType, aMember)

returns the offset in bytes of the data member aMember from the beginning of an object of type classType. For use in offsetof, classType and aMember have certain restrictions:

classType must be a standard layout class.
For instance, it must not have virtual member functions. For more information on the requirements for a standard layout class, see C++ named requirements: StandardLayoutType.
aMember must not be static.
aMember must not be a member function.

The checker flags uses of the offsetof macro where the arguments violate one or more of these restrictions.

Risk

Violating the restrictions on the arguments of the offsetof macro leads to undefined behavior.

Fix

Use the offsetof macro only on nonstatic data members of a standard layout class.

The result details state which restriction on the offsetof macro is violated. Fix the violation.

Example – Use of offsetof Macro with Nonstandard Layout Class

#include <cstddef>

class myClass {
     int privateData;
  public:
     int publicData;
};

void func() {
  size_t off = offsetof(myClass, publicData); //Noncompliant
  // ...
}

In this example, the class myClass has two data members with different access control, one private and the other public. Therefore, the class does not satisfy the requirements of a standard layout class and cannot be used with the offsetof macro.

Correction — Use Uniform Access Control for All Data Members

If the use of offsetof is important for the application, make sure that the first argument is a class with a standard layout. For instance, see if you can work around the need for a public data member.

#include <cstddef>
  
class myClass {
     int member1;
     int member2;
  public:
     int getMember2(void) { return member2;}
     friend void func(void);
};
  
void func() {
  size_t off = offsetof(myClass, member2);
  // ...
}

Check Information

Group: 02. Expressions (EXP)

Version History

Introduced in R2019a

¹ This software has been created by MathWorks incorporating portions of: the “SEI CERT-C Website,” © 2017 Carnegie Mellon University, the SEI CERT-C++ Web site © 2017 Carnegie Mellon University, ”SEI CERT C Coding Standard – Rules for Developing safe, Reliable and Secure systems – 2016 Edition,” © 2016 Carnegie Mellon University, and “SEI CERT C++ Coding Standard – Rules for Developing safe, Reliable and Secure systems in C++ – 2016 Edition” © 2016 Carnegie Mellon University, with special permission from its Software Engineering Institute.

ANY MATERIAL OF CARNEGIE MELLON UNIVERSITY AND/OR ITS SOFTWARE ENGINEERING INSTITUTE CONTAINED HEREIN IS FURNISHED ON AN "AS-IS" BASIS. CARNEGIE MELLON UNIVERSITY MAKES NO WARRANTIES OF ANY KIND, EITHER EXPRESSED OR IMPLIED, AS TO ANY MATTER INCLUDING, BUT NOT LIMITED TO, WARRANTY OF FITNESS FOR PURPOSE OR MERCHANTABILITY, EXCLUSIVITY, OR RESULTS OBTAINED FROM USE OF THE MATERIAL. CARNEGIE MELLON UNIVERSITY DOES NOT MAKE ANY WARRANTY OF ANY KIND WITH RESPECT TO FREEDOM FROM PATENT, TRADEMARK, OR COPYRIGHT INFRINGEMENT.

This software and associated documentation has not been reviewed nor is it endorsed by Carnegie Mellon University or its Software Engineering Institute.