V2545. MISRA. Conversion between pointers of different object types should not be performed.


This diagnostic rule is based on the software development guidelines developed by MISRA (Motor Industry Software Reliability Association).

This rule applies only to C.

Casting a pointer to one type to a pointer to another type could result in undefined behavior if these types are aligned differently.

Example of non-compliant code:

void foo( void )
{
  int *pi;
  double *pd = ....;
  typedef int *PI;

  pi = pd;         // <=
  pi = (int*) pd;  // <=
  pi = PI(pd);     // <=
}

This diagnostic also checks the qualifiers of the types referred to by the pointers participating in the conversion:

void foo( void )
{
        double **ppd = ....;
  const double **ppcd = (const double **) ppd;
  
                 double * const *pcpd = ....;
  const volatile double * const *pcvpd =
    (const volatile double * const *) pcpd;
}

An exception is made for cases when the cast is done to pointers to the types 'char', 'signed char', 'unsigned char', or 'void' since such behavior is explicitly defined by the standard.


Bugs Found

Checked Projects
354
Collected Errors
13 290