Checkers:PORTING.CAST.PTR
The PORTING checkers identify code that might rely on the implementation details of a particular compiler or platform. The PORTING.CAST.PTR checker flags a cast between a pointer type and a non-pointer type, that is, a cast whose source and destination types are not both pointers or both non-pointers.
Vulnerability and risk
Depending on the platform and architecture in use, a pointer may or may not be represented by the same number of bits as an integral type such as unsigned int, so casting a pointer to a non-pointer type, or the reverse, is considered unsafe: when the integral type is narrower than the pointer, the conversion silently discards address bits.
Mitigation and prevention
Don't attempt to store pointer values in integral types. If the pointed-to type really must be hidden, use a void pointer instead.
Code examples
Vulnerable code example
```c
#include <stdio.h>

extern char* getData();

void foo()
{
    char* ptr = getData();
    unsigned int ptrValue = (unsigned int)ptr;  /* pointer narrowed to an integral type: flagged by PORTING.CAST.PTR */
    printf("Got data from: %d\n", ptrValue);
}
```
This interchange of a pointer type with an integral type is guaranteed to fail on certain platforms (for example, where a pointer is 64 bits wide and unsigned int is 32 bits wide, the cast truncates the address), so it should be considered unsafe on all platforms.
Fixed code example
```c
#include <stdio.h>

extern char* getData();

void foo()
{
    char* ptr = getData();
    void* ptrValue = (void*)ptr;  /* hide the pointed-to type without leaving the pointer domain */
    printf("Got data from: %p\n", ptrValue);
}
```
In the fixed example, a void pointer is used instead of the unsafe expression, and the address is printed with %p, the conversion specifier defined for pointer values.
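The following program is an added example, not code from the Klocwork documentation: it makes the truncation the checker warns about observable by round-tripping a pointer through unsigned int, as the vulnerable example does, and contrasts it with a round trip through uintptr_t, the integer type C99 provides in <stdint.h> for holding a pointer value. The wide pointer value it builds is constructed for the demonstration and is never dereferenced; the function names are this example's own.

```c
#include <limits.h>
#include <stdint.h>
#include <stdio.h>

/* Round-trip a pointer through unsigned int, exactly what the vulnerable
 * example's (unsigned int)ptr cast does. Returns 1 if the original pointer
 * survives, 0 if address bits were discarded. */
int pointer_survives_unsigned_int(const void *p)
{
    unsigned int narrowed = (unsigned int)(uintptr_t)p;     /* truncates when sizeof(void*) > sizeof(unsigned int) */
    const void *restored = (const void *)(uintptr_t)narrowed;
    return restored == p;
}

/* Round-trip a pointer through uintptr_t, which C99 guarantees is wide
 * enough to hold any void* and convert back to an equal pointer. */
int pointer_survives_uintptr(const void *p)
{
    uintptr_t bits = (uintptr_t)p;
    const void *restored = (const void *)bits;
    return restored == p;
}

/* Does this build have room for a whole pointer in an unsigned int? */
int unsigned_int_can_hold_pointer(void)
{
    return sizeof(unsigned int) >= sizeof(void *);
}

/* Construct a pointer value whose high bits are set, so the loss is visible
 * regardless of where the stack or heap happen to be mapped. It is a
 * constructed bit pattern, never dereferenced. Returns NULL when unsigned int
 * is already as wide as a pointer, because then there is nothing to lose. */
const void *make_wide_pointer(void)
{
    if (sizeof(uintptr_t) <= sizeof(unsigned int))
        return NULL;
    /* all bits above the unsigned int range, plus a small low part */
    uintptr_t bits = (~(uintptr_t)0 ^ (uintptr_t)UINT_MAX) | (uintptr_t)0x10u;
    return (const void *)bits;
}

/* Address of a real object, for the test harness. */
const void *static_object_address(void)
{
    static int object;
    return &object;
}

int main(void)
{
    const void *real = static_object_address();
    const void *wide = make_wide_pointer();

    printf("sizeof(unsigned int) = %zu, sizeof(void *) = %zu\n",
           sizeof(unsigned int), sizeof(void *));
    printf("real object %p survives unsigned int: %d, uintptr_t: %d\n",
           real, pointer_survives_unsigned_int(real), pointer_survives_uintptr(real));
    if (wide != NULL)
        printf("wide value %p survives unsigned int: %d, uintptr_t: %d\n",
               wide, pointer_survives_unsigned_int(wide), pointer_survives_uintptr(wide));
    return 0;
}
```

On a 64-bit build the wide value never survives the unsigned int round trip, while the uintptr_t round trip always does; the real object's address may or may not survive depending on where the loader placed it, which is exactly why the checker treats the cast as unsafe everywhere rather than only where it has been seen to fail.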
Security Guidelines
- CWE-466: Return of Pointer Value Outside of Expected Range
- CWE-587: Assignment of a Fixed Address to a Pointer