16f6c0aecf
Inline adoc files when they are included exactly once. Also fix language tags because this inlining gives us better information on what language the code is written in.
34 lines
841 B
Plaintext
34 lines
841 B
Plaintext
== Why is this an issue?
|
|
|
|
----
|
|
void foo(const int* x)
|
|
{
|
|
int* y;
|
|
y = (int*)x; //Noncompliant
|
|
}
|
|
int main()
|
|
{
|
|
const int a = 10;
|
|
int b;
|
|
b = (int)a; //Noncompliant
|
|
return(0);
|
|
}
|
|
----
|
|
Converting const to non-const can undermine the data integrity by allowing values to change that are assumed to be constant. This practice also reduces the readability of the code, since you cannot assume const variables to be constant
|
|
|
|
|
|
== Resources
|
|
|
|
* https://www.securecoding.cert.org/confluence/x/gAU[CERT, EXP40-C.] - Do not modify constant objects
|
|
* https://www.securecoding.cert.org/confluence/x/ZYAyAQ[CERT, EXP55-CPP.] - Do not access a cv-qualified object through a cv-unqualified type
|
|
|
|
|
|
ifdef::env-github,rspecator-view[]
|
|
'''
|
|
== Comments And Links
|
|
(visible only on this page)
|
|
|
|
=== duplicates: S859
|
|
|
|
endif::env-github,rspecator-view[]
|