...
If the object is declared as being constant, it may reside in write-protected memory at runtime. Attempting to modify such an object may lead to abnormal program termination or a denial-of-service attack. If an object is declared as being volatile, the compiler can make no assumptions regarding access of that object. Casting away the volatility of an object can result in reads or writes to the object being reordered or elided entirely, resulting in abnormal program execution.
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
EXP55-CPP | Medium | Probable | Medium | P8 | L2 |
Automated Detection
Tool | Version | Checker | Description | ||||||
|---|---|---|---|---|---|---|---|---|---|
| Astrée |
| pointer-qualifier-cast-const pointer-qualifier-cast-volatile | Partially checked | ||||||
| Axivion Bauhaus Suite |
| CertC++-EXP55 | |||||||
| Helix QAC |
| C++3066, C++4671 | |||||||
| Klocwork |
| MISRA.CAST.CONST |
| LDRA tool suite |
| 203 S, 242 S, 344 S | Fully implemented |
| Parasoft C/C++test |
| CERT_CPP-EXP55-a | A cast shall not remove any 'const' or 'volatile' qualification from the type of a pointer or reference | ||||||
| Polyspace Bug Finder |
| CERT C++: EXP55-CPP | Checks for casts that remove cv-qualification of pointer (rule partially covered) | ||||||
| RuleChecker |
| pointer-qualifier-cast-const pointer-qualifier-cast-volatile | Partially checked |
| SonarQube C/C++ Plugin |
| S859 |
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Related Guidelines
| SEI CERT C Coding Standard | EXP32-C. Do not access a volatile object through a nonvolatile reference |
Bibliography
| [ISO/IEC 14882-2014] | Subclause 7.1.6.1, "The cv-qualifiers" |
| [Sutter 2004] | Item 94, "Avoid Casting Away const" |
...
...