Do not pass a const char pointer to a non-const char pointer argument.

Vulnerability and risk

String literals are created at compile time to be of sufficient length and null terminated. The behavior is undefined if a program attempts to modify any portion of a string literal. Ideally, they should be assigned only to pointers to (or arrays of) const char or const wchar_t.

This checker looks for assignments of string literals or const string pointers to non-const function argument pointers.

Mitigation and prevention

Use "const" on argument declarations when the function does not modify the string through the pointer.


  void func_v1(void) {
    const char *aLiteral = "/tmp/abXXXXXX";

Violations will be reported on lines 3 and 4.
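The pattern this checker targets, next to a compliant form, as an added example that is not part of the checker's documentation. The functions fill_template, placeholder_count and make_name and the SHOW_VIOLATIONS macro are hypothetical names; fill_template stands in for any routine that writes through its char * argument.

```c
#include <stdio.h>
#include <string.h>
/* Hypothetical helper: overwrites the trailing 'X' run in place. It writes
 * through the pointer, so callers must pass writable storage. */
static int fill_template(char *tmpl, unsigned seed)
{
    static const char digits[] = "0123456789abcdef";
    size_t end = strlen(tmpl), len = end;
    while (len > 0 && tmpl[len - 1] == 'X') {
        tmpl[--len] = digits[seed & 0xf];
        seed >>= 4;
    }
    return (int)(end - len);   /* number of placeholders replaced */
}

/* Read-only helper: const parameter, so literals and const pointers are fine. */
static size_t placeholder_count(const char *tmpl)
{
    size_t len = strlen(tmpl), n = 0;
    while (len > 0 && tmpl[--len] == 'X')
        n++;
    return n;
}

/* Compliant: the literal initialises a writable array, and the const pointer
 * is only ever passed to the const-qualified parameter. */
static int make_name(char *out, size_t outsz)
{
    const char *aLiteral = "/tmp/abXXXXXX";   /* constructed sample value */
    char writable[] = "/tmp/abXXXXXX";        /* private, modifiable copy */
    if (placeholder_count(aLiteral) != 6 || outsz < sizeof writable)
        return -1;
    fill_template(writable, 0x123456u);
    memcpy(out, writable, sizeof writable);
    return 0;
}

#ifdef SHOW_VIOLATIONS  /* off by default: both calls modify a string literal */
static void violations(void)
{
    const char *aLiteral = "/tmp/abXXXXXX";
    fill_template(aLiteral, 1u);          /* const pointer -> char * argument */
    fill_template("/tmp/abXXXXXX", 1u);   /* string literal -> char * argument */
}
#endif
int main(void)
{
    char name[32];
    return make_name(name, sizeof name) == 0 && puts(name) != EOF ? 0 : 1;
}
```

Building with -DSHOW_VIOLATIONS compiles the two non-compliant calls so that compiler and analyzer diagnostics can be compared; the function is never called.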