RULE-8-2-2 - NoCStyleOrFunctionalCasts

lcartey · lcartey · commit 6b24e5010575 · 2025-08-17T23:19:58.000+01:00
Detects C-style casts and functional notation casts that should be
replaced with explicit cast operators. Prevents unsafe type conversions
that lack clear intent and proper type checking constraints. [a]
diff --git a/cpp/misra/src/rules/RULE-8-2-2/NoCStyleOrFunctionalCasts.ql b/cpp/misra/src/rules/RULE-8-2-2/NoCStyleOrFunctionalCasts.ql
@@ -0,0 +1,33 @@
+/**
+ * @id cpp/misra/no-c-style-or-functional-casts
+ * @name RULE-8-2-2: C-style casts and functional notation casts shall not be used
+ * @description Using C-style casts or functional notation casts allows unsafe type conversions and
+ *              makes code harder to maintain compared to using named casts like const_cast,
+ *              dynamic_cast, static_cast and reinterpret_cast.
+ * @kind problem
+ * @precision very-high
+ * @problem.severity error
+ * @tags external/misra/id/rule-8-2-2
+ *       scope/single-translation-unit
+ *       external/misra/enforcement/decidable
+ *       external/misra/obligation/required
+ */
+
+import cpp
+import codingstandards.cpp.misra
+import codingstandards.cpp.CStyleCasts
+import codingstandards.cpp.AlertReporting
+
+class MISRACPPProhibitedCStyleCasts extends ExplicitUserDefinedCStyleCast {
+  MISRACPPProhibitedCStyleCasts() {
+    // MISRA C++ permits casts to void types
+    not getType() instanceof VoidType
+  }
+}
+
+from Element reportingElement, MISRACPPProhibitedCStyleCasts c
+where
+  not isExcluded(c, Conversions2Package::noCStyleOrFunctionalCastsQuery()) and
+  reportingElement = MacroUnwrapper<MISRACPPProhibitedCStyleCasts>::unwrapElement(c) and
+  exists(reportingElement.getFile().getRelativePath()) // within user code - validated during testing
+select reportingElement, "Use of explicit c-style cast to " + c.getType().getName() + "."
diff --git a/cpp/misra/test/rules/RULE-8-2-2/NoCStyleOrFunctionalCasts.expected b/cpp/misra/test/rules/RULE-8-2-2/NoCStyleOrFunctionalCasts.expected
@@ -0,0 +1,7 @@
+| test.cpp:8:22:8:37 | (uint32_t)... | Use of explicit c-style cast to uint32_t. |
+| test.cpp:9:22:9:32 | (unsigned int)... | Use of explicit c-style cast to unsigned int. |
+| test.cpp:70:1:70:31 | #define ADD_ONE(x) ((int)x) + 1 | Use of explicit c-style cast to int. |
+| test.cpp:83:19:83:26 | (int)... | Use of explicit c-style cast to int. |
+| test.cpp:84:27:84:34 | (int)... | Use of explicit c-style cast to int. |
+| test.cpp:112:10:112:13 | (int)... | Use of explicit c-style cast to int. |
+| test.cpp:147:12:147:26 | (unsigned int)... | Use of explicit c-style cast to unsigned int. |
diff --git a/cpp/misra/test/rules/RULE-8-2-2/NoCStyleOrFunctionalCasts.qlref b/cpp/misra/test/rules/RULE-8-2-2/NoCStyleOrFunctionalCasts.qlref
@@ -0,0 +1 @@
+rules/RULE-8-2-2/NoCStyleOrFunctionalCasts.ql
diff --git a/cpp/misra/test/rules/RULE-8-2-2/test.cpp b/cpp/misra/test/rules/RULE-8-2-2/test.cpp
@@ -0,0 +1,158 @@
+#include <cstdint>
+#include <string>
+#include <utility>
+int foo() { return 1; }
+// A copy of A5-2-2 test.cpp, but with different cases compliant/non-compliant
+void test_c_style_cast() {
+  double f = 3.14;
+  std::uint32_t n1 = (std::uint32_t)f; // NON_COMPLIANT - C-style cast
+  std::uint32_t n2 = unsigned(f);      // NON_COMPLIANT - functional notation
+
+  std::uint8_t n3 = 1;
+  std::uint8_t n4 = 1;
+  std::uint8_t n5 = n3 + n4; // ignored, implicit casts
+
+  (void)foo(); // COMPLIANT - permitted by MISRA C++
+}
+
+class A {
+public:
+  virtual void f1() {}
+};
+
+class B : A {
+public:
+  virtual void f1() {}
+};
+
+class C {
+  void f1() {}
+};
+
+void test_cpp_style_cast() {
+  // These cases may contravene other rules, but are marked as COMPLIANT for
+  // this rule
+  A a1;
+  const A *a2 = &a1;
+  A *a3 = const_cast<A *>(a2);      // COMPLIANT
+  B *b = dynamic_cast<B *>(a3);     // COMPLIANT
+  C *c = reinterpret_cast<C *>(a3); // COMPLIANT
+  std::int16_t n8 = 0;
+  std::int32_t n9 = static_cast<std::int32_t>(n8); // COMPLIANT
+  static_cast<void>(foo());                        // COMPLIANT
+}
+
+class A5_2_2a {
+public:
+  template <typename... As>
+  static void Foo(const std::string &name, As &&...rest) {
+    Fun(Log(std::forward<As>(
+        rest)...)); // COMPLIANT - previously reported as a false positive
+  }
+
+  template <typename... As> static std::string Log(As &&...tail) {
+    return std::string();
+  }
+
+  static void Fun(const std::string &message) {}
+};
+
+class A5_2_2 final {
+public:
+  void f(const std::string &s) const { A5_2_2a::Foo("name", "x", "y", "z"); }
+};
+
+void a5_2_2_test() {
+  A5_2_2 a;
+  a.f("");
+}
+
+#define ADD_ONE(x) ((int)x) + 1      // NON_COMPLIANT
+#define NESTED_ADD_ONE(x) ADD_ONE(x) // Not reported - reported at ADD_ONE
+#define NO_CAST_ADD_ONE(x) x + 1     // COMPLIANT
+
+#include "macro_c_style_casts.h"
+
+void test_macro_cast() {
+  ADD_ONE(1);         // Reported at macro definition site
+  NESTED_ADD_ONE(1);  // reported at macro definition site
+  LIBRARY_ADD_TWO(1); // COMPLIANT - macro generating the cast is defined in a
+                      // library, and is not modifiable by the user
+  LIBRARY_NESTED_ADD_TWO(1); // COMPLIANT - macro generating the cast is defined
+                             // in a library, and is not modifiable by the user
+  NO_CAST_ADD_ONE((int)1.0); // NON_COMPLIANT - cast in argument to macro
+  LIBRARY_NO_CAST_ADD_TWO((int)1.0); // NON_COMPLIANT - library macro with
+                                     // c-style cast in argument, written by
+                                     // user so should be reported
+}
+
+class D {
+public:
+  D(int x) : fx(x), fy(0) {}
+  D(int x, int y) : fx(x), fy(y) {}
+
+private:
+  int fx;
+  int fy;
+};
+
+D testNonFunctionalCast() {
+  return (D)1; // COMPLIANT
+}
+
+D testFunctionalCast() {
+  return D(1); // COMPLIANT
+}
+
+D testFunctionalCastMulti() {
+  return D(1, 2); // COMPLIANT
+}
+
+template <typename T> T testFunctionalCastTemplate() {
+  return T(1); // NON_COMPLIANT - used with an int
+}
+
+template <typename T> T testFunctionalCastTemplateMulti() {
+  return T(1, 2); // COMPLIANT
+}
+
+void testFunctionalCastTemplateUse() {
+  testFunctionalCastTemplate<D>();
+  testFunctionalCastTemplate<int>();
+  testFunctionalCastTemplateMulti<D>();
+}
+
+template <typename T> class E {
+public:
+  class F {
+  public:
+    F(int x) : fx(x), fy(0) {}
+    F(int x, int y) : fx(x), fy(y) {}
+
+  private:
+    int fx;
+    int fy;
+  };
+
+  F f() {
+    return F(1); // COMPLIANT
+  }
+
+  D d() {
+    return D(1); // COMPLIANT
+  }
+
+  int i() {
+    double f = 3.14;
+    return (unsigned int)f; // NON_COMPLIANT
+  }
+};
+
+class G {};
+
+void testE() {
+  E<G> e;
+  e.f();
+  e.d();
+  e.i();
+}

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1 @@`
	`1`	`+rules/RULE-8-2-2/NoCStyleOrFunctionalCasts.ql`