STRONG.TYPE.JOIN.CONST
Comparison of strong type with constant
The STRONG.TYPE family of checkers detects situations in which programmer-enforced strong typing (type-defined abstract types) is broken or ignored, allowing the underlying ANSI type semantics to dominate.
The STRONG.TYPE.JOIN.CONST checker looks for an instance in which a strongly typed value is compared with a constant using a binary operator. In this rule, constants can be considered: integral constants, quoted strings, or expressions of the form &v, in which v is a static or automatic variable.
Vulnerability and risk
A compiler following the ANSI standard won't report a warning for this sort of issue, as it checks only the underlying types, not the surface, or programmer-defined, types. As a result, it's possible that a logic error can occur.
Vulnerable code example
1 typedef int Weight;
2
3 int main() {
4 Weight w;
5 if (w == 321) ;
6 return 0;
7 }
Klocwork flags line 5, indicating that the strongly typed value w is compared with a constant using binary operator ==.
Fixed code example
1 typedef int Weight;
2
3 int main() {
4 Weight w;
5 if (w == (Weight) 321) ;
6 return 0;
7 }
In the fixed code, the comparison is made between two strongly typed Weight values.
