Writing to const qualified object

Object declared with a const qualifier is modified

expand all in page

Description

This defect occurs when you do one of the following:

Use a const-qualified object as the destination of an assignment.
Pass a const-qualified object to a function that modifies the argument.

For instance, the defect can occur in the following situations:

You pass a const-qualified object as first argument of one of the following functions:
- mkstemp
- mkostemp
- mkostemps
- mkdtemp
You pass a const-qualified object as the destination argument of one of the following functions:
- strcpy
- strncpy
- strcat
- memset
You perform a write operation on a const-qualified object.

Risk

The risk depends upon the modifications made to the const-qualified object.

Situation	Risk
Passing to `mkstemp`, `mkostemp`, `mkostemps`, `mkdtemp`, and so on.	These functions replace the last six characters of their first argument with a string. Therefore, they expect a modifiable `char` array as their first argument.
Passing to `strcpy`, `strncpy`, `strcat`, `memset` and so on.	These functions modify their destination argument. Therefore, they expect a modifiable `char` array as their destination argument.
Writing to the object	The `const` qualifier implies an agreement that the value of the object will not be modified. By writing to a `const`-qualified object, you break the agreement. The result of the operation is undefined.

Fix

The fix depends on the modification made to the const-qualified object.

Situation	Fix
Passing to `mkstemp`, `mkostemp`, `mkostemps`, `mkdtemp`, and so on.	Pass a non-`const` object as first argument of the function.
Passing to `strcpy`, `strncpy`, `strcat`, `memset` and so on.	Pass a non-`const` object as destination argument of the function.
Writing to the object	Perform the write operation on a non-`const` object.

See examples of fixes below.

If you do not want to fix the issue, add comments to your result or code to avoid another review. See:

Address Results in Polyspace User Interface Through Bug Fixes or Justifications if you review results in the Polyspace user interface.
Address Results in Polyspace Access Through Bug Fixes or Justifications (Polyspace Access) if you review results in a web browser.
Annotate Code and Hide Known or Acceptable Results if you review results in an IDE.

Examples

expand all

Writing to `const`-Qualified Object

#include <string.h>

const char* buffer = "abcdeXXXXXXX";

void func(char* string) {
    char *ptr = (char*)strchr(buffer,'X');
    if(ptr)
        strcpy(ptr,string);
}

In this example, because the pointer buffer is const-qualified, strchr(buffer,'X') returns a const-qualified char* pointer. When this char* pointer is used as the destination argument of strcpy, a Writing to const qualified object error appears.

Correction — Copy const-Qualified Object to Non-const Object

One possible correction is to assign the constant string to a non-const object and use the non-const object as destination argument of strchr.

#include <string.h>

char buffer[] = "abcdeXXXXXXX";

void func(char* string) { 
    char *ptr = (char*)strchr(buffer,'X');
    if(ptr)
        strcpy(ptr,string);
}

Result Information

Group: Programming

Language: C | C++

Default: On for handwritten code, off for generated code

Command-Line Syntax: CONSTANT_OBJECT_WRITE

Impact: High

Version History

Introduced in R2015b

Writing to const qualified object

Description

Risk

Fix

Examples

Writing to `const`-Qualified Object

Result Information

Version History

See Also

Topics

Writing to const qualified object

Description

Risk

Fix

Examples

Writing to const-Qualified Object

Result Information

Version History

See Also

Topics

Writing to `const`-Qualified Object