RULE-8-2-8 - PointerToIntegralCast

lcartey · lcartey · commit 5687a7bf4207 · 2025-08-18T00:11:39.000+01:00
Detects pointer-to-integral casts that use types other than
std::uintptr_t or std::intptr_t, which may not guarantee representation
of all pointer values. [a]
diff --git a/cpp/misra/src/rules/RULE-8-2-8/PointerToIntegralCast.ql b/cpp/misra/src/rules/RULE-8-2-8/PointerToIntegralCast.ql
@@ -0,0 +1,32 @@
+/**
+ * @id cpp/misra/pointer-to-integral-cast
+ * @name RULE-8-2-8: An object pointer type shall not be cast to an integral type other than std::uintptr_t or
+ * @description Casting object pointers to integral types other than std::uintptr_t or std::intptr_t
+ *              can lead to implementation-defined behavior and potential loss of pointer
+ *              information.
+ * @kind problem
+ * @precision very-high
+ * @problem.severity error
+ * @tags external/misra/id/rule-8-2-8
+ *       scope/single-translation-unit
+ *       external/misra/enforcement/decidable
+ *       external/misra/obligation/required
+ */
+
+import cpp
+import codingstandards.cpp.misra
+
+from ReinterpretCast cast, Type targetType, Type sourceType
+where
+  not isExcluded(cast, Conversions2Package::pointerToIntegralCastQuery()) and
+  sourceType = cast.getExpr().getType().getUnspecifiedType() and
+  sourceType instanceof PointerType and
+  targetType = cast.getType() and
+  targetType.getUnspecifiedType() instanceof IntegralType and
+  not (
+    targetType.(UserType).hasGlobalOrStdName("uintptr_t") or
+    targetType.(UserType).hasGlobalOrStdName("intptr_t")
+  )
+select cast,
+  "Cast of object pointer type to integral type '" + targetType.toString() +
+    "' instead of 'std::uintptr_t' or 'std::intptr_t'."
diff --git a/cpp/misra/test/rules/RULE-8-2-8/PointerToIntegralCast.expected b/cpp/misra/test/rules/RULE-8-2-8/PointerToIntegralCast.expected
@@ -0,0 +1,9 @@
+| test.cpp:37:13:37:47 | reinterpret_cast<unsigned long>... | Cast of object pointer type to integral type 'unsigned long' instead of 'std::uintptr_t' or 'std::intptr_t'. |
+| test.cpp:42:13:42:46 | reinterpret_cast<unsigned int>... | Cast of object pointer type to integral type 'unsigned int' instead of 'std::uintptr_t' or 'std::intptr_t'. |
+| test.cpp:47:13:47:38 | reinterpret_cast<long>... | Cast of object pointer type to integral type 'long' instead of 'std::uintptr_t' or 'std::intptr_t'. |
+| test.cpp:52:13:52:45 | reinterpret_cast<size_t>... | Cast of object pointer type to integral type 'size_t' instead of 'std::uintptr_t' or 'std::intptr_t'. |
+| test.cpp:57:13:57:43 | reinterpret_cast<hashPtr_t>... | Cast of object pointer type to integral type 'hashPtr_t' instead of 'std::uintptr_t' or 'std::intptr_t'. |
+| test.cpp:62:13:62:42 | reinterpret_cast<MyIntPtr>... | Cast of object pointer type to integral type 'MyIntPtr' instead of 'std::uintptr_t' or 'std::intptr_t'. |
+| test.cpp:67:13:67:35 | reinterpret_cast<unsigned long>... | Cast of object pointer type to integral type 'unsigned long' instead of 'std::uintptr_t' or 'std::intptr_t'. |
+| test.cpp:72:13:72:47 | reinterpret_cast<uint64_t>... | Cast of object pointer type to integral type 'uint64_t' instead of 'std::uintptr_t' or 'std::intptr_t'. |
+| test.cpp:77:13:77:46 | reinterpret_cast<int64_t>... | Cast of object pointer type to integral type 'int64_t' instead of 'std::uintptr_t' or 'std::intptr_t'. |
diff --git a/cpp/misra/test/rules/RULE-8-2-8/PointerToIntegralCast.qlref b/cpp/misra/test/rules/RULE-8-2-8/PointerToIntegralCast.qlref
@@ -0,0 +1 @@
+rules/RULE-8-2-8/PointerToIntegralCast.ql
diff --git a/cpp/misra/test/rules/RULE-8-2-8/test.cpp b/cpp/misra/test/rules/RULE-8-2-8/test.cpp
@@ -0,0 +1,82 @@
+#include <cstddef>
+#include <cstdint>
+struct S {};
+class C {};
+
+void *g1 = nullptr;
+S *g2 = nullptr;
+const int *g3 = nullptr;
+
+using hashPtr_t = std::uintptr_t;
+using MyIntPtr = std::intptr_t;
+
+void test_compliant_uintptr_t_cast() {
+  S *l1 = nullptr;
+  auto l2 = reinterpret_cast<std::uintptr_t>(l1); // COMPLIANT
+}
+
+void test_compliant_intptr_t_cast() {
+  C *l1 = nullptr;
+  auto l2 = reinterpret_cast<std::intptr_t>(l1); // COMPLIANT
+}
+
+void test_compliant_void_pointer_cast() {
+  void *l1 = nullptr;
+  auto l2 = reinterpret_cast<std::uintptr_t>(l1); // COMPLIANT
+  auto l3 = reinterpret_cast<std::intptr_t>(l1);  // COMPLIANT
+}
+
+void test_compliant_const_pointer_cast() {
+  const int *l1 = nullptr;
+  auto l2 = reinterpret_cast<std::uintptr_t>(l1); // COMPLIANT
+  auto l3 = reinterpret_cast<std::intptr_t>(l1);  // COMPLIANT
+}
+
+void test_non_compliant_unsigned_long_cast() {
+  S *l1 = nullptr;
+  auto l2 = reinterpret_cast<unsigned long>(l1); // NON_COMPLIANT
+}
+
+void test_non_compliant_unsigned_int_cast() {
+  S *l1 = nullptr;
+  auto l2 = reinterpret_cast<unsigned int>(l1); // NON_COMPLIANT
+}
+
+void test_non_compliant_long_cast() {
+  C *l1 = nullptr;
+  auto l2 = reinterpret_cast<long>(l1); // NON_COMPLIANT
+}
+
+void test_non_compliant_size_t_cast() {
+  void *l1 = nullptr;
+  auto l2 = reinterpret_cast<std::size_t>(l1); // NON_COMPLIANT
+}
+
+void test_non_compliant_typedef_cast() {
+  S *l1 = nullptr;
+  auto l2 = reinterpret_cast<hashPtr_t>(l1); // NON_COMPLIANT
+}
+
+void test_non_compliant_using_alias_cast() {
+  C *l1 = nullptr;
+  auto l2 = reinterpret_cast<MyIntPtr>(l1); // NON_COMPLIANT
+}
+
+template <typename T> void test_non_compliant_template_cast() {
+  S *l1 = nullptr;
+  auto l2 = reinterpret_cast<T>(l1); // NON_COMPLIANT
+}
+
+void test_non_compliant_uint64_t_cast() {
+  S *l1 = nullptr;
+  auto l2 = reinterpret_cast<std::uint64_t>(l1); // NON_COMPLIANT
+}
+
+void test_non_compliant_int64_t_cast() {
+  void *l1 = nullptr;
+  auto l2 = reinterpret_cast<std::int64_t>(l1); // NON_COMPLIANT
+}
+
+void test_instantiate_template() {
+  test_non_compliant_template_cast<std::uintptr_t>();
+}

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1 @@`
	`1`	`+rules/RULE-8-2-8/PointerToIntegralCast.ql`