Products
In-IDE
IDE extension that lets you fix coding issues before they exist!
Discover SonarLint
SaaS
Setup is effortless and analysis is automatic for most languages
Discover SonarCloud
Self-Hosted
Fast, accurate analysis; enterprise scalability
Discover SonarQube

Secrets
ABAP
Apex
AzureResourceManager
C
C++
CloudFormation
COBOL
C#
CSS
Docker
Flex
Go
HTML
Java
JavaScript
Kotlin
Kubernetes
Objective C
PHP
PL/I
PL/SQL
Python
RPG
Ruby
Scala
Swift
Terraform
Text
TypeScript
T-SQL
VB.NET
VB6
XML

C++ static code analysis

Unique rules to find Bugs, Vulnerabilities, Security Hotspots, and Code Smells in your C++ code

Filtered: 51 rules found

misra-c++2008

Impact

Clean code attribute

A pointer to a virtual base class shall only be cast to a pointer to a derived class by means of dynamic_cast
Bug
The name "main" should not be used for any function other than the global "main" function
Code Smell
Switch labels should not be nested inside non-switch blocks
Code Smell
Control should not be transferred into a complex logic block using a "goto" or a "switch" statement
Code Smell
Destructors should not throw exceptions
Bug
Handlers of a function-try-block implementation of a class constructor or destructor shall not reference non-static members from this class or its bases
Bug
An exception object should not have pointer type
Bug
Functions should not be defined with a variable number of arguments
Code Smell
The comma operator, "&&", and "||" should not be overloaded
Code Smell
A cast shall not remove any const or volatile qualification from the type of a pointer or reference
Code Smell
Condition-specific "catch" handlers should not be used after the ellipsis (catch-all) handler
Bug
Handlers in a single try-catch or function-try-block for a derived class and some or all of its bases should be ordered most-derived-first
Bug
Exception classes should be caught by reference
Bug
#include directives in a file should only be preceded by other preprocessor directives or comments
Code Smell
The unary "&" operator should not be overloaded
Code Smell
If a function has internal linkage then all re-declarations shall include the static storage class specifer
Code Smell
Functions should not be declared at block scope
Code Smell
Parameters in an overriding virtual function shall either use the same default arguments as the function they override, or else shall not specify any default arguments
Code Smell
Header files should not contain unnamed namespaces
Code Smell
Pointer and reference parameters should be "const" if the corresponding object is not modified
Code Smell
In the definition of a function-like macro, each instance of a parameter shall be enclosed in parentheses, unless it is used as the operand of # or ##
Code Smell
"abort", "exit", "getenv" and "system" from <stdlib.h> should not be used
Bug
"offsetof" macro should not be used
Code Smell
using-directives and using-declarations (excluding class scope or function scope using-declarations) shall not be used in header files
Code Smell
C libraries should not be used
Code Smell
Evaluation of the operand to the sizeof operator shall not contain side effects
Bug
Each operand of the ! operator, the logical && or the logical || operators shall have type bool
Bug
When an array is declared, its size shall either be stated explicitly or defined implicitly by initialization
Bug
Multiple declarations for an identifier in the same namespace shall not straddle a using-declaration for that identifier
Bug
There shall be at most one occurrence of the # or ## operators in a single macro definition
Code Smell
A loop-control-variable other than the loop-counter which is modified in statement shall have type bool
Code Smell
Objects or functions with external linkage shall be declared in a header file
Code Smell
Assembly language should be encapsulated and isolated
Code Smell
A cast should not convert a pointer type to an integral type
Code Smell
An object with integral type or pointer to void type shall not be converted to an object with pointer type
Code Smell
An object with pointer type shall not be converted to an unrelated pointer type, either directly or indirectly
Code Smell
A variable which is not modified shall be const qualified
Code Smell
Switch statement conditions should not have essentially boolean type
Code Smell
The loop-counter should be modified by one of: --, ++, -=n, or +=n; where n remains constant for the duration of the loop
Code Smell
The first operand of a conditional operator should have type bool
Code Smell
The condition of an if-statement and the condition of an iteration-statement shall have type bool
Code Smell
The identifiers used for the parameters in a re-declaration or override of a function shall be identical to those in the declaration
Code Smell
A loop-control-variable other than the loop-counter shall not be modified within condition or expression
Code Smell
The loop-counter shall not be modified within condition or statement
Code Smell
If loop-counter is not modified by -- or ++, then, within condition, the loop-counter shall only be used as an operand to <=, <, > or >=
Code Smell
A for loop shall contain a single loop-counter which shall not have floating type
Code Smell
Every switch statement shall have at least one case-clause
Code Smell
All "if ... else if" constructs shall be terminated with an "else "clause
Code Smell
An `if ( condition )` construct shall be followed by a compound statement. The else keyword shall be followed by either a compound statement, or another if statement
Code Smell
The statement forming the body of a "switch", "while", "do {...} while" or "for" statement shall be a compound statement
Code Smell
C-style casts (other than void casts) and functional notation casts (other than explicit constructor calls) shall not be used
Code Smell

A cast shall not remove any const or volatile qualification from the type of a pointer or reference

adaptability - modular

maintainability

Code Smell

CriticalSonarSource default severity
click to learn more

cppcoreguidelines
cert
misra-c++2008
misra-c2004
suspicious
misra-c2012

Why is this an issue?

Using const in your code improves reliability and maintenance. When passing a const value, developers assume that its value won’t be changed. But using const_cast<>() to cast away a const qualifier, destroys developer assumptions and code reliability. It is a bad practice and reveals a flaw in the design. Furthermore, it may have an undefined behavior.

Noncompliant code example

User& func(const int& value, const User& user) {
  const_cast<int&>(value) = 2; // Noncompliant and undefined behavior
  return const_cast<User&>(user); // Noncompliant
}

Compliant solution

User& func(int& value, User& user) {
  value = 2;
  return user;
}

Resources

MISRA C:2004, 11.5 - A cast shall not be performed that removes any const or volatile qualification from the type addressed by a pointer
MISRA C++:2008, 5-2-5 - A cast shall not remove any const or volatile qualification from the type of a pointer or reference
MISRA C:2012, 11.8 - A cast shall not remove any const or volatile qualification from the type pointed to by a pointer
CERT, EXP32-C. - Do not access a volatile object through a nonvolatile reference
CERT, EXP05-C. - Do not cast away a const qualification
CERT, EXP55-CPP. - Do not access a cv-qualified object through a cv-unqualified type
C++ Core Guidelines Type.3 - Don’t use const_cast to cast away const (i.e., at all): Don’t cast away const.

Available In:

Catch issues on the fly,
in your IDE

Detect issues in your GitHub, Azure DevOps Services, Bitbucket Cloud, GitLab repositories

Developer
Edition

© 2008-2023 SonarSource S.A., Switzerland. All content is copyright protected. SONAR, SONARSOURCE, SONARLINT, SONARQUBE, and SONARCLOUD are trademarks of SonarSource S.A. All other trademarks and copyrights are the property of their respective owners. All rights are expressly reserved.
Privacy Policy | Cookie Policy

In-IDE

SaaS

Self-Hosted