JavaScript is not currently enabled, but is required for full CodeSonar manual search and browse functionality.

If you are viewing this file in your hub's Web GUI, enable JavaScript in your browser: you will also need it for GUI functionality.

If you opened this file directly from disk, your browser may be directly suppressing JavaScript functionality: certain browsers perform this suppression on local files (but not files delivered by web servers) for security reasons.

CodeSonar® 9.2p0 CONFIDENTIAL CodeSecure Inc
C and C++

LANG.CAST.COERCE : Coercion Alters Value

Summary

An implicit coercion operation causes a value to be changed.

Properties

Class Name Coercion Alters Value
Significance security
Mnemonic LANG.CAST.COERCE
Categories
MisraC2025 MisraC2025:10.3 The value of an expression shall not be assigned to an object with a narrower essential type or of a different essential type category
  MisraC2025:12.4 Evaluation of constant expressions should not lead to unsigned integer wrap-around
MisraC2023 MisraC2023:10.3 The value of an expression shall not be assigned to an object with a narrower essential type or of a different essential type category
  MisraC2023:12.4 Evaluation of constant expressions should not lead to unsigned integer wrap-around
Misra2012 Misra2012:10.3 The value of an expression shall not be assigned to an object with a narrower essential type or of a different essential type category
  Misra2012:12.4 Evaluation of constant expressions should not lead to unsigned integer wrap-around
Misra2004 Misra2004:12.11 Evaluation of constant unsigned integer expressions should not lead to wraparound
AUTOSARC++14 AUTOSARC++14:A4-7-1 An integer expression shall not lead to data loss.
  AUTOSARC++14:M5-0-4 An implicit integral conversion shall not change the signedness of the underlying type.
  AUTOSARC++14:M5-0-6 An implicit integral or floating-point conversion shall not reduce the size of the underlying type.
  AUTOSARC++14:A7-2-1 An expression with enum underlying type shall only have values corresponding to the enumerators of the enumeration.
MisraC++2008 MisraC++2008:5-0-4 An implicit integral conversion shall not change the signedness of the underlying type.
  MisraC++2008:5-0-6 An implicit integral or floating-point conversion shall not reduce the size of the underlying type.
  MisraC++2008:7-2-1 An expression with enum underlying type shall only have values corresponding to the enumerators of the enumeration.
MisraC++2023 MisraC++2023:0.3.2 A function call shall not violate the function's preconditions
  MisraC++2023:7.0.5 Integral promotion and the usual arithmetic conversions shall not change the signedness or the type category of an operand
  MisraC++2023:8.20.1 An unsigned arithmetic operation with constant operands should not wrap
CWE CWE:20 Improper Input Validation
  CWE:192 Integer Coercion Error
  CWE:704 Incorrect Type Conversion or Cast
TS17961 TS17961:5.6-argcomp Calling functions with incorrect arguments
  TS17961:5.16-signconv Conversion of signed characters to wider integer types before a check for EOF
CERT-C CERT-C:API07-C Enforce type safety
  CERT-C:FIO34-C Distinguish between characters read from a file and EOF or WEOF
  CERT-C:INT02-C Understand integer conversion rules
  CERT-C:INT18-C Evaluate integer expressions in a larger size before comparing or assigning to that size
  CERT-C:INT31-C Ensure that integer conversions do not result in lost or misinterpreted data
CERT-CPP CERT-CPP:INT50-CPP Do not cast to an out-of-range enumeration value
JSF++ JSF++:180 Implicit conversions that may result in a loss of information shall not be used.
  JSF++:183 Every possible measure should be taken to avoid type casting.
  JSF++:203 Evaluation of expressions shall not lead to overflow/underflow (unless required algorithmically and then should be heavily documented).
  JSF++:212 Underflow or overflow functioning shall not be depended on in any special way.
DISA-6r1 DISA-6r1:V-222612 The application must not be vulnerable to overflow attacks.
DISA-5r3 DISA-5r3:V-70277 The application must not be vulnerable to overflow attacks.
DISA-4r3 DISA-4r3:V-70277 The application must not be vulnerable to overflow attacks.
DISA-3r10 DISA-3r10:V-16808 The designer will ensure the application is not vulnerable to integer arithmetic issues.
Availability Available for C and C++.
Enabling Checks for this warning class are enabled by default. To disable them, add the following WARNING_FILTER rule to the project configuration file. 
WARNING_FILTER += discard class="Coercion Alters Value"

Note

Type coercion can change values in several ways:

In many cases, a warning of this class indicates an inadvertent value change that may cause problems later. Out-of-range coercions to enumeration type in C++ are more serious, since the resulting behavior is undefined rather than defined but (possibly) unexpected. Coercion Alters Value warnings in this latter category will therefore generally have higher Rank.

For more information about the values representable by C++ enumerations, see the Cast Alters Value documentation.

Example 

unsigned int coerce(void){
    int x;
    unsigned int y;

    x = -10;
    y = x+5; /* 'Coercion Alters Value' warning issued here */
    return y;
}

Relevant Configuration File Parameters

The following configuration file parameters affect checks for this warning class.

 

To report problems with this documentation, please visit https://support.codesecure.com/.