CERT.EXPR.VOLATILE.ADDR

Do not access a volatile object through a nonvolatile pointer.

Vulnerability and risk

Referencing a volatile-qualified type by a non-volatile lvalue is undefined behavior.

For example, the compiler may remove critical code during optimization if it believes a variable, once tested, cannot change.

This checker looks for code that assigns the address of a volatile object to a nonvolatile pointer (*).

Mitigation and prevention

Use the "volatile" qualifier on any pointers pointing to volatile objects.

Example

Copy

1
2
3
4
5
6
7
8
void func(void) {
     static int *ip1;
     static volatile int i_v = 0;
     ip1 = &i_v;
    if (*ipl != 0) { /* ip is defined as non-volative but it contains the lvalue of a volative int */
      /* ... */
    }
  }

A violation will be reported on line 4.

External guidance

CERT EXP32-C: Do not access a volatile object through a nonvolatile reference