
...
EXP05-EX2: A number of C99 standard library functions are specified to return non-const pointers that refer to their const-qualified arguments. When the actual arguments to such functions reference const objects, attempting to use the returned non-const pointers to modify the const objects would be a violation of guideline EXP40-C, "Do not modify constant values," and would lead to undefined behavior. These functions are the following:
...
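An added example (not part of the CERT text) of handling the case EXP05-EX2 describes, using `strchr()`, a C99 function that takes a `const char *` and returns a `char *`. The names `CONFIG_LINE`, `offset_of` and `key_of` are hypothetical, and the sample string is constructed.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample: a const object, as in the EXP05-EX2 scenario. */
static const char CONFIG_LINE[] = "mode=strict";

/* Violation shape the exception warns about (kept as a comment, not compiled):
 *     char *eq = strchr(CONFIG_LINE, '=');   non-const pointer into a const object
 *     *eq = '\0';                            EXP40-C violation, undefined behavior
 */

/* Read-only use: store the result in a pointer-to-const so the compiler
 * rejects any later write through it. Returns the offset of ch, or -1. */
ptrdiff_t offset_of(const char *s, int ch) {
    const char *hit = strchr(s, ch);
    return hit ? hit - s : -1;
}

/* Modifying use: copy into caller-owned writable storage first, then search
 * the copy, so the returned char * refers to a non-const object.
 * Returns 0 on success, -1 if dst is too small or ch is absent. */
int key_of(const char *src, int ch, char *dst, size_t dst_size) {
    size_t len = strlen(src);
    if (len + 1 > dst_size) {
        return -1;
    }
    memcpy(dst, src, len + 1);
    char *hit = strchr(dst, ch);   /* dst is writable, so writing via hit is defined */
    if (hit == NULL) {
        return -1;
    }
    *hit = '\0';
    return 0;
}

int main(void) {
    char key[16];
    printf("offset of '=': %td\n", offset_of(CONFIG_LINE, '='));
    if (key_of(CONFIG_LINE, '=', key, sizeof key) == 0) {
        printf("key: %s, original still: %s\n", key, CONFIG_LINE);
    }
    return 0;
}
```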
Recommendation | Severity | Likelihood | Remediation Cost | Priority | Level |
---|---|---|---|---|---|
EXP05-C | medium | probable | medium | P8 | L2 |
Automated Detection
...
...
Tool | Version | Checker | Description |
---|---|---|---|
...
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Other Languages
Related Guidelines
This rule appears in the C++ Secure Coding Standard as EXP35-CPP. Do not cast away a const qualification.
Bibliography
[ISO/IEC 9899:1999] Section 6.7.3, "Type qualifiers"

[ISO/IEC PDTR 24772] "HFC Pointer casting and pointer type changes" and "IHN Type system"

[MISRA 04] Rule 11.5

[MITRE 07] CWE ID 704 (http://cwe.mitre.org/data/definitions/704.html), "Incorrect Type Conversion or Cast"
...