STRONG.TYPE.EXTRACT

Assignment of strong type variable to different type variable

The STRONG.TYPE family of checkers detects situations in which programmer-enforced strong typing (type-defined abstract types) is broken or ignored, allowing the underlying ANSI type semantics to dominate.

The STRONG.TYPE.EXTRACT checker looks for an instance in which a strongly typed value is assigned to a different, not strongly typed variable in one of these ways:

  • through an assignment operator
  • in a return value
  • through argument passing
  • in initialization

Vulnerability and risk

A compiler following the ANSI standard won't report a warning for this sort of issue, as it checks only the underlying types, not the surface, or programmer-defined, types. As a result, it's possible that a logic error can occur.

Vulnerable code example

Copy
 typedef int Count;

 int main() {
  Count a;
  int b = a; 
  return 0;
 }

Klocwork flags line 5, indicating that a strongly typed variable is assigned to a different, not strongly typed variable.