CERT.EXPR.VOLATILE.ADDR.PARAM

Do not pass a volatile object to a function through a nonvolatile pointer.

Vulnerability and risk

Referencing a volatile-qualified type by a non-volatile lvalue is undefined behavior.

For example, the compiler may remove critical code during optimization if it believes a variable, once tested, cannot change.

This checker looks for code that assigns the address of a volatile object to a nonvolatile pointer (*) function argument.

Mitigation and prevention

Use the "volatile" qualifier on any pointers pointing to volatile objects.

Example

extern void someFunc(int *ip1);
    
  void func(void) {
     static volatile int i_v = 0;
     
     someFunc(&i_v);
  }

A violation will be reported on line 6.

External guidance

• CERT EXP32-C: Do not access a volatile object through a nonvolatile reference