STRONG.TYPE.EXTRACT

Assignment of strong type variable to different type variable

The STRONG.TYPE family of checkers detects situations in which programmer-enforced strong typing (type-defined abstract types) is broken or ignored, allowing the underlying ANSI type semantics to dominate.

The STRONG.TYPE.EXTRACT checker looks for an instance in which a strongly typed value is assigned to a different, not strongly typed variable in one of these ways:

• through an assignment operator
• in a return value
• through argument passing
• in initialization

Vulnerability and risk

A compiler following the ANSI standard won't report a warning for this sort of issue, as it checks only the underlying types, not the surface, or programmer-defined, types. As a result, it's possible that a logic error can occur.

Vulnerable code example

1
2
3
4
5
6
7
 typedef int Count;

 int main() {
  Count a;
  int b = a; 
  return 0;
 }

Klocwork flags line 5, indicating that a strongly typed variable is assigned to a different, not strongly typed variable.

Related checkers

• STRONG.TYPE.ASSIGN
• STRONG.TYPE.ASSIGN.ARG
• STRONG.TYPE.ASSIGN.CONST
• STRONG.TYPE.ASSIGN.INIT
• STRONG.TYPE.ASSIGN.RETURN
• STRONG.TYPE.ASSIGN.ZERO