STRONG.TYPE.ASSIGN.CONST

Assignment of unexpected strong type constant

The STRONG.TYPE family of checkers detects situations in which programmer-enforced strong typing (type-defined abstract types) is broken or ignored, allowing the underlying ANSI type semantics to dominate. The STRONG.TYPE.ASSIGN.CONST checker finds constants unexpectedly assigned to strong types. For this rule, the following are considered constants: integral constants, quoted strings, and expressions of the form &v, in which v is a static or automatic variable.

Vulnerability and risk

A compiler following the ANSI standard won't report a warning for this sort of issue, because it checks only the underlying types, not the surface (programmer-defined) types. As a result, a logic error can occur.

Vulnerable code example

    1 typedef int Weight;
    2
    3 int main() {
    4     Weight w;
    5     w = 1;        /* constant assigned to strong type Weight */
    6     return 0;
    7 }

Klocwork flags line 5, indicating that a constant is assigned to a variable of strong type Weight.
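One way to have the compiler itself enforce the distinction, shown as an added example that is not part of the original Klocwork documentation: wrap the value in a one-member struct so that a bare constant can no longer be assigned. StrongWeight, WEIGHT_MAX_GRAMS and the weight_* helpers are hypothetical names chosen for this illustration.

```c
#include <stdbool.h>
#include <stddef.h>

/* A typedef is only an alias: the compiler sees int, so `w = 1;` compiles
   silently and only a checker such as STRONG.TYPE.ASSIGN.CONST notices it. */
typedef int Weight;

/* Hypothetical alternative: a one-member struct is a distinct type, so
   `StrongWeight s = 1;` or `s = 1;` is rejected at compile time. */
typedef struct { int grams; } StrongWeight;

#define WEIGHT_MAX_GRAMS 1000000   /* assumed upper bound for this example */

/* The single place where a raw integer may become a StrongWeight.
   Returns false (and leaves *out untouched) on out-of-range input. */
bool weight_from_grams(int grams, StrongWeight *out)
{
    if (out == NULL || grams < 0 || grams > WEIGHT_MAX_GRAMS)
        return false;
    out->grams = grams;
    return true;
}

/* Explicit, greppable conversion back to the underlying type. */
int weight_to_grams(StrongWeight w)
{
    return w.grams;
}

/* Accepts only StrongWeight operands; passing a constant does not compile.
   Both operands are <= WEIGHT_MAX_GRAMS, so the int addition cannot overflow. */
bool weight_add(StrongWeight a, StrongWeight b, StrongWeight *sum)
{
    return weight_from_grams(a.grams + b.grams, sum);
}

int main(void)
{
    Weight w = 1;              /* alias: accepted by the compiler */
    StrongWeight a, b, total;
    (void)w;
    /* StrongWeight bad = 1;      would fail to compile */
    if (!weight_from_grams(250, &a) || !weight_from_grams(750, &b))
        return 1;
    if (!weight_add(a, b, &total))
        return 1;
    return weight_to_grams(total) == 1000 ? 0 : 1;
}
```

The trade-off is that every literal now has to pass through weight_from_grams, which makes constant-to-strong-type conversions explicit and easy to review.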