No Exception Propagation Beyond Name Visibility (EXU03)

Level \(\rightarrow\) Required

Category \(\rightarrow\) Safety: \(\checkmark\) | Cyber: \(\checkmark\)

Goal \(\rightarrow\) Maintainability: \(\checkmark\) | Reliability: \(\checkmark\) | Portability: \(\checkmark\) | Performance: | Security:

Remediation \(\rightarrow\) Low

Verification Method \(\rightarrow\) GNATcheck rule: Non_Visible_Exceptions

Reference

RPP05

Description

An active exception can be propagated dynamically past the point where the name of the exception is visible (the scope of its declaration). Beyond that point the exception can only be handled by a `when others` handler, never by name. That situation prevents handling the exception specifically, and violates RPP05.

Applicable Vulnerability within ISO TR 24772-2

N/A

Noncompliant Code Example

procedure Noncompliant (Param : in out Integer) is
   --  Declared in the body: the name is not visible to any caller.
   Noncompliant_Exception : exception;
begin
   Param := Param * Param;  -- may raise Constraint_Error on overflow
exception
   when others =>
      --  Propagates out of the scope in which its name is visible.
      raise Noncompliant_Exception;
end Noncompliant;

As a result, the exception name cannot be referenced outside the body; a caller that wants to handle it is left with `when others`:

procedure Bad_Call (Param : in out Integer) is
begin
   Noncompliant (Param);
exception
   when Noncompliant_Exception =>  -- compile error
      null;
end Bad_Call;

Compliant Code Example

--  Declared in the enclosing declarative region, so the callers of
--  Compliant can see the name and handle the exception specifically.
Compliant_Exception : exception;
procedure Compliant (Param : in out Integer) is
begin
   Param := Param * Param;  -- may raise Constraint_Error on overflow
exception
   when others =>
      raise Compliant_Exception;
end Compliant;

procedure Good_Call (Param : in out Integer) is
begin
   Compliant (Param);
exception
   when Compliant_Exception =>
      null;
end Good_Call;
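The fragments above are not compilable on their own. The following complete program is an added example, not part of the guideline or of GNATcheck; the unit name `Exu03_Example`, the package `Squaring` and the exception names are all chosen for illustration. It places the exception in a package specification, which is the usual way to make an exception name visible to every client of a subprogram, and contrasts it with a body-local exception whose propagation forces the caller into `when others` and leaves it only the occurrence information from `Ada.Exceptions` to work out what happened.

```ada
--  Added example (not from the guideline): EXU03 in a compilable unit.
with Ada.Text_IO;    use Ada.Text_IO;
with Ada.Exceptions; use Ada.Exceptions;

procedure Exu03_Example is

   --  Compliant: the exception is declared in the package specification,
   --  so it is visible wherever the package Squaring is visible.
   package Squaring is
      Overflow_Detected : exception;
      procedure Square (Param : in out Integer);
   end Squaring;

   package body Squaring is
      procedure Square (Param : in out Integer) is
      begin
         Param := Param * Param;
      exception
         when Constraint_Error =>
            --  Re-raise under a name that clients can handle by name.
            --  Param is unchanged here because the assignment failed.
            raise Overflow_Detected
              with "squaring" & Integer'Image (Param) & " overflows";
      end Square;
   end Squaring;

   --  Noncompliant: the exception is declared in the procedure body and
   --  propagates out of the only region in which its name is visible.
   procedure Hidden_Square (Param : in out Integer) is
      Hidden_Exception : exception;
   begin
      Param := Param * Param;
   exception
      when Constraint_Error =>
         raise Hidden_Exception;
   end Hidden_Square;

   Value : Integer;

begin
   --  Caller of the compliant version: handles the specific exception.
   Value := Integer'Last;
   begin
      Squaring.Square (Value);
   exception
      when E : Squaring.Overflow_Detected =>
         Put_Line ("handled by name: " & Exception_Message (E));
   end;

   --  Caller of the noncompliant version: only "when others" is possible,
   --  and the handler has to inspect the occurrence to learn what it caught.
   Value := Integer'Last;
   begin
      Hidden_Square (Value);
   exception
      when E : others =>
         Put_Line ("handled via others only: " & Exception_Name (E));
   end;
end Exu03_Example;
```

Build and run it with `gnatmake exu03_example.adb && ./exu03_example`. GNATcheck's `Non_Visible_Exceptions` rule flags `Hidden_Square` for the same reason the second handler cannot name what it catches: the `raise` in its `when others` handler (here `when Constraint_Error`) propagates an exception whose declaration is local to the body.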

Notes

N/A