No Exception Propagation Beyond Name Visibility (EXU03)
Level \(\rightarrow\) Required
Category \(\rightarrow\) Safety \(\checkmark\), Cyber \(\checkmark\)
Goal \(\rightarrow\) Maintainability \(\checkmark\), Reliability \(\checkmark\), Portability \(\checkmark\), Performance, Security
Remediation \(\rightarrow\) Low
Verification Method \(\rightarrow\) GNATcheck rule: Non_Visible_Exceptions
Reference \(\rightarrow\) RPP05
Description
An active exception can be propagated dynamically past the point where the name
of the exception is visible (the scope of its declaration). Past that point the
exception can only be handled by a when others handler. That situation prevents
handling the exception specifically, and violates RPP05.
Applicable Vulnerability within ISO TR 24772-2
N/A
Applicable Common Weakness Enumeration
Noncompliant Code Example
   procedure Noncompliant (Param : in out Integer) is
      Noncompliant_Exception : exception;
   begin
      Param := Param * Param;
   exception
      when others =>
         raise Noncompliant_Exception;
   end Noncompliant;
As a result, the exception name cannot be referenced outside the body:
   procedure Bad_Call (Param : in out Integer) is
   begin
      Noncompliant (Param);
   exception
      when Noncompliant_Exception => -- compile error
         null;
   end Bad_Call;
Compliant Code Example
   Compliant_Exception : exception;

   procedure Compliant (Param : in out Integer) is
   begin
      Param := Param * Param;
   exception
      when others =>
         raise Compliant_Exception;
   end Compliant;

   procedure Good_Call (Param : in out Integer) is
   begin
      Compliant (Param);
   exception
      when Compliant_Exception =>
         null;
   end Good_Call;
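The following complete program is an added illustration, not one of the guideline's own examples; the names Visibility_Demo, Hidden_Square, Visible_Square, Hidden_Negative_Input and Negative_Input are all constructed for it. It shows at run time what the description states: a caller of the noncompliant pattern is forced into a when others handler and can only identify what it caught from the name string returned by Ada.Exceptions, while a caller of the compliant pattern handles exactly the case it expects and lets anything else propagate.

```ada
with Ada.Text_IO;    use Ada.Text_IO;
with Ada.Exceptions; use Ada.Exceptions;
procedure Visibility_Demo is
   --  Exception declared where callers can see it (compliant pattern).
   Negative_Input : exception;

   --  Callee whose exception is declared inside its own body (noncompliant
   --  pattern): the name goes out of scope at "end Hidden_Square", yet the
   --  exception itself can still propagate to the caller.
   procedure Hidden_Square (Param : in out Integer) is
      Hidden_Negative_Input : exception;
   begin
      if Param < 0 then
         raise Hidden_Negative_Input;
      end if;
      Param := Param * Param;
   end Hidden_Square;

   procedure Visible_Square (Param : in out Integer) is
   begin
      if Param < 0 then
         raise Negative_Input;
      end if;
      Param := Param * Param;
   end Visible_Square;

   Value : Integer := -3;  --  constructed input that triggers both raises
begin
   --  With the visible name the caller handles exactly the case it expects;
   --  anything else (e.g. Constraint_Error on overflow) keeps propagating.
   begin
      Visible_Square (Value);
   exception
      when Negative_Input =>
         Put_Line ("Visible_Square: negative input rejected");
   end;

   --  With the hidden name, "when Hidden_Negative_Input =>" does not compile
   --  here, so the caller is forced into "others" and can only tell what it
   --  caught from the run-time name string. Log it and re-raise rather than
   --  silently swallowing an exception the handler cannot identify.
   begin
      Hidden_Square (Value);
   exception
      when E : others =>
         Put_Line ("Hidden_Square: caught " & Exception_Name (E));
         raise;
   end;
end Visibility_Demo;
```

The second block ends with the re-raised exception leaving the main procedure unhandled, which is the expected outcome: the caller had no way to name it, so it could not handle it specifically.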
Notes
N/A