diff --git a/rules/S7443/metadata.json b/rules/S7443/metadata.json
new file mode 100644
index 0000000000..2c63c08510
--- /dev/null
+++ b/rules/S7443/metadata.json
@@ -0,0 +1,2 @@
+{
+}
diff --git a/rules/S7443/rust/metadata.json b/rules/S7443/rust/metadata.json
new file mode 100644
index 0000000000..7cc1b6c23b
--- /dev/null
+++ b/rules/S7443/rust/metadata.json
@@ -0,0 +1,24 @@
+{
+ "title": "Calls to `std::mem::transmute` should not be evaluated eagerly",
+ "type": "BUG",
+ "status": "ready",
+ "remediation": {
+ "func": "Constant\/Issue",
+ "constantCost": "5min"
+ },
+ "tags": [
+ "clippy"
+ ],
+ "defaultSeverity": "Critical",
+ "ruleSpecification": "RSPEC-7443",
+ "sqKey": "S7443",
+ "scope": "All",
+ "defaultQualityProfiles": ["Sonar way"],
+ "quickfix": "unknown",
+ "code": {
+ "impacts": {
+ "RELIABILITY": "HIGH"
+ },
+ "attribute": "LOGICAL"
+ }
+}
diff --git a/rules/S7443/rust/rule.adoc b/rules/S7443/rust/rule.adoc
new file mode 100644
index 0000000000..018a06376e
--- /dev/null
+++ b/rules/S7443/rust/rule.adoc
@@ -0,0 +1,52 @@
+
+== Why is this an issue?
+
+When a transmute is placed within an expression that uses eager evaluation (like `bool::then_some`), it will execute even if a preceding validity check fails. This can result in creating invalid values, potentially leading to undefined behavior.
+
+
+== How to fix it
+
+Use lazy evaluation (for example by replacing `then_some` with `then`) and providing a closure that contains the transmute. This ensures the transmute only occurs if the validity check passes.
+
+
+=== Code examples
+
+==== Noncompliant code example
+
+[source,rust,diff-id=1,diff-type=noncompliant]
+----
+#[repr(u8)]
+enum Opcode {
+ Add = 0,
+ Sub = 1,
+ Mul = 2,
+ Div = 3
+}
+
+fn int_to_opcode(op: u8) -> Option {
+ (op < 4).then_some(unsafe { std::mem::transmute(op) })
+}
+----
+
+==== Compliant solution
+
+[source,rust,diff-id=1,diff-type=compliant]
+----
+#[repr(u8)]
+enum Opcode {
+ Add = 0,
+ Sub = 1,
+ Mul = 2,
+ Div = 3
+}
+
+fn int_to_opcode(op: u8) -> Option {
+ (op < 4).then(|| unsafe { std::mem::transmute(op) })
+}
+----
+
+== Resources
+=== Documentation
+
+* Clippy Lints - https://rust-lang.github.io/rust-clippy/master/index.html#eager_transmute
+
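Review bot: The "Why is this an issue?" paragraph understates the risk: in Rust, producing an invalid enum value is itself undefined behavior, so the eager `transmute(op)` in the noncompliant example is already UB for `op >= 4` even though `then_some` discards the result. I would reword its last sentence to `This produces an invalid value, which is undefined behavior even if the value is never used.` The compliant example would also benefit from a comment on the unsafe block such as `// SAFETY: the closure only runs when op < 4, and Opcode is #[repr(u8)] with discriminants 0..=3`, because the literal `4` has to be kept in sync with the enum by hand. As displayed here both signatures read `-> Option` with no type argument; if that is what the file contains rather than a rendering artifact, it should be `Option<Opcode>` so the examples compile.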