CERT Secure Coding

EXP51-CPP. Do not delete an array through a pointer of the incorrect type

The C++ Standard, [expr.delete], paragraph 3 [ISO/IEC 14882-2014], states the following:

In the first alternative (delete object), if the static type of the object to be deleted is different from its dynamic type, the static type shall be a base class of the dynamic type of the object to be deleted and the static type shall have a virtual destructor or the behavior is undefined. In the second alternative (delete array) if the dynamic type of the object to be deleted differs from its static type, the behavior is undefined.

Do not delete an array object through a static pointer type that differs from the dynamic pointer type of the object. Deleting an array through a pointer to the incorrect type results in undefined behavior.

Noncompliant Code Example

In this noncompliant code example, an array of Derived objects is created and the pointer is stored in a Base *. Although Base::~Base() is declared virtual, deleting the array through that pointer still results in undefined behavior. Further, attempting to perform pointer arithmetic on the static type Base * violates CTR56-CPP. Do not use pointer arithmetic on polymorphic objects.

Non-compliant code
struct Base {
  virtual ~Base() = default;
};

struct Derived final : Base {};

void f() {
   Base *b = new Derived[10];
   // ...
   delete [] b;
}

Compliant Solution

In this compliant solution, the static type of b is Derived *, which removes the undefined behavior when indexing into the array as well as when deleting the pointer.

Compliant code
struct Base {
  virtual ~Base() = default;
};

struct Derived final : Base {};

void f() {
   Derived *b = new Derived[10];
   // ...
   delete [] b;
}
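
The following is an added example, not part of the CERT rule text. It shows two ownership patterns that keep the rule satisfied without a raw delete [], and uses static_assert to show that std::unique_ptr<Base[]> refuses a Derived * at compile time. The payload member, the g_destroyed counter and the function names are assumptions made for the demonstration.

```cpp
#include <cstddef>
#include <memory>
#include <type_traits>
#include <vector>

static int g_destroyed = 0;  // hypothetical counter: number of ~Derived() calls

struct Base {
  virtual ~Base() = default;
};

struct Derived final : Base {
  int payload[4] = {};  // assumption: extra state, so the element size differs
  ~Derived() override { ++g_destroyed; }
};

// The element stride differs, so a Base * cannot walk an array of Derived.
static_assert(sizeof(Derived) > sizeof(Base), "Derived carries extra state");

// The array form of unique_ptr rejects the derived-to-base conversion,
// turning the noncompliant pattern into a compile-time error.
static_assert(!std::is_constructible<std::unique_ptr<Base[]>, Derived *>::value,
              "unique_ptr<Base[]> must not adopt a Derived array");
static_assert(!std::is_convertible<std::unique_ptr<Derived[]>,
                                   std::unique_ptr<Base[]>>::value,
              "no implicit array upcast between unique_ptr types");

// Pattern 1: static type == dynamic type; delete [] runs on a Derived *.
int destroy_typed_array(std::size_t n) {
  g_destroyed = 0;
  { auto arr = std::make_unique<Derived[]>(n); }
  return g_destroyed;
}

// Pattern 2: a polymorphic collection holds one owning Base pointer per
// object, so each is destroyed by single-object delete through the
// virtual destructor.
int destroy_polymorphic_collection(std::size_t n) {
  g_destroyed = 0;
  {
    std::vector<std::unique_ptr<Base>> items;
    items.reserve(n);
    for (std::size_t i = 0; i < n; ++i)
      items.push_back(std::make_unique<Derived>());
  }
  return g_destroyed;
}

int main() {
  return (destroy_typed_array(10) == 10 &&
          destroy_polymorphic_collection(10) == 10) ? 0 : 1;
}
```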

Risk Assessment

Attempting to destroy an array of polymorphic objects through the incorrect static type is undefined behavior. In practice, potential consequences include abnormal program execution and memory leaks.

| Rule | Severity | Likelihood | Detectable | Repairable | Priority | Level |
|---|---|---|---|---|---|---|
| EXP51-CPP | Low | Unlikely | No | No | P1 | L3 |

Automated Detection

| Tool | Version | Checker | Description |
|---|---|---|---|
| Clang | 3.9 | -analyzer-checker=cplusplus | Checked with clang -cc1 or (preferably) scan-build |
| CodeSonar | 9.1p0 | ALLOC.TM | Type Mismatch |
| Helix QAC | 2025.2 | C++3166 | |
| Klocwork | 2025.2 | CERT.EXPR.DELETE_ARR.BASE_PTR | |
| Parasoft C/C++test | 2025.2 | CERT_CPP-EXP51-a | Do not treat arrays polymorphically |
| Parasoft Insure++ | | | Runtime detection |
| Polyspace Bug Finder | R2025b | CERT C++: EXP51-CPP | Checks for delete operator used to destroy downcast object of different type. |

Search for other vulnerabilities resulting from the violation of this rule on the CERT website.

SEI CERT C++ Coding Standard

CTR56-CPP. Do not use pointer arithmetic on polymorphic objects

OOP52-CPP. Do not delete a polymorphic object without a virtual destructor

Bibliography

[ISO/IEC 14882-2014] Subclause 5.3.5, "Delete"