JavaScript is not currently enabled, but is required for full CodeSonar manual search and browse functionality.

If you are viewing this file in your hub's Web GUI, enable JavaScript in your browser: you will also need it for GUI functionality.

If you opened this file directly from disk, your browser may be directly suppressing JavaScript functionality: certain browsers perform this suppression on local files (but not files delivered by web servers) for security reasons.

CodeSonar® 9.2p0 CONFIDENTIAL CodeSecure Inc
C and C++

LANG.TYPE.NCS : Non-const String Literal

Summary

A string literal is assigned to a object whose type is not const-qualified char*.

See also:

Properties

Class Name Non-const String Literal
Significance style
Mnemonic LANG.TYPE.NCS
Categories
MisraC2025 MisraC2025:7.4 A string literal shall not be assigned to an object unless the object's type is "pointer to const-qualified char"
MisraC2023 MisraC2023:7.4 A string literal shall not be assigned to an object unless the object's type is "pointer to const-qualified char"
Misra2012 Misra2012:7.4 A string literal shall not be assigned to an object unless the object's type is "pointer to const-qualified char"
AUTOSARC++14 AUTOSARC++14:A1-1-1 All code shall conform to ISO/IEC 14882:2014 - Programming Language C++ and shall not use deprecated features.
  AUTOSARC++14:A2-13-4 String literals shall not be assigned to non-constant pointers.
MisraC++2023 MisraC++2023:4.1.2 Deprecated features should not be used
CWE CWE:1076 Insufficient Adherence to Expected Conventions
TS17961 TS17961:5.27-strmod Modifying string literals
CERT-C CERT-C:STR05-C Use pointers to const when referring to string literals
JSF++ JSF++:151.1 A string literal shall not be modified.
Availability Available for C and C++.
Enabling Checks for this warning class are disabled by default, and require the unnormalized C ASTs for the project. To enable them, add the following WARNING_FILTER rule and RETAIN_UNNORMALIZED_C_AST specification to the project configuration file. 
RETAIN_UNNORMALIZED_C_AST = Yes
WARNING_FILTER += allow class="Non-const String Literal"
Note that retaining the unnormalized ASTs will increase the disk space used to store the project representation, and may make the analysis take longer.

Example 

char *strA = "January";  /* 'Non-const String Literal' warning issued here */ 

const char *strB = "February";                    /* const-qualified */ 
const volatile char *strC = "March";              /* const-qualified */ 

extern void f_ch ( char *c );
extern void f_constch ( const char *cc );

void f_caller ( void ){
    f_ch ( "April" );    /* 'Non-const String Literal' warning issued here */                  
    f_constch ( "May" );                          /* parameter is const-qualified */ 
}

char *f_ch_ret ( void ){
    return ( "June" );   /* 'Non-const String Literal' warning issued here */     
}

const char *f_constch_ret ( void ){
    return ( "July" );                            /* return type is const-qualified */ 
}

Relevant Configuration File Parameters

The following configuration file parameters affect checks for this warning class.

 

To report problems with this documentation, please visit https://support.codesecure.com/.