V724. Converting integers or pointers to BOOL can lead to a loss of high-order bits. Non-zero value can become 'FALSE'.


The analyzer has detected an issue when casting pointers or integer variables to the BOOL type may cause a loss of the most significant bits. As a result, a non-zero value which actually means TRUE may unexpectedly turn to FALSE.

In programs, the BOOL (gboolean, UBool, etc.) type is interpreted as an integer type. Any value other than zero is interpreted as true, and zero as false. Therefore, a loss of the most significant bits resulting from type conversion will cause an error in the program execution logic.

For example:

typedef long BOOL;
__int64 lLarge = 0x12300000000i64;
BOOL bRes = (BOOL) lLarge;

In this code, a non-zero variable is truncated to zero when being cast to BOOL, which renders it FALSE.

Here are a few other cases of improper type conversion:

int *p;
size_t s;
long long w;
BOOL x = (BOOL)p;
BOOL y = s;
BOOL z = (BOOL)s;
BOOL q = (BOOL)w;

To fix errors like these, we need to perform a check for a non-zero value before BOOL conversion.

Here are the various ways to fix these issues:

int *p;
size_t s;
long long w;
BOOL x = p != nullptr;
BOOL y = s != 0;
BOOL z = s ? TRUE : FALSE;
BOOL q = !!w;

According to Common Weakness Enumeration, potential errors found by using this diagnostic are classified as CWE-197.

You can look at examples of errors detected by the V724 diagnostic.


Bugs Found

Checked Projects
336
Collected Errors
12 743