4

For code like this:

#include <cstdint>

extern const char *f();
extern void g(const uint8_t *);

int main()
{
    const char *p = f();
    g(reinterpret_cast<const uint8_t *>(p));
}

clang-tidy -checks='cppcoreguidelines-*' generates warning:

do not use reinterpret_cast [cppcoreguidelines-pro-type-reinterpret-cast]

and indeed there is such paragraph in CppCoreGuidelines.

But how it is possible to avoid reinterpret_cast or C-style cast for case like const char * -> const uint8_t *?

Is this bug in CppCoreGuidelines ?

Improve this question
8
  • 6
    g( static_cast<const uint8_t*>( static_cast<const void*>( p ) ) ); ? Commented May 4, 2023 at 13:47
  • 3
    Casting via void should also give a warning as it is similarily unsafe. Commented May 4, 2023 at 13:49
  • 1
    Problem is that char can be signed and thus simply casting is not possible. If you can afford copying memory a simple workaround would also be to std::memcpy(f_ui8, f, size); Commented May 4, 2023 at 13:56
  • 2
    @user1244932 The reason this doesn't give a warning is purely because you have tricked the static analyser. It's a false negative. As André's second comment explains this cast is not generally safe. Using std::memcpy is the only "save"way to go in general. You can make your way safe by (statically) checking that char is an unsigned type on your platform (… which it probably isn't). Commented May 4, 2023 at 14:16
  • 3
    Since c++17, signed and unsigned can be assigned (reinterpreted) back and forth w/o issue so long as they are the same size. This is because signed types are now required to be two's compliment. Commented May 4, 2023 at 14:53

1 Answer 1

Reset to default
0

You get what you asked for. You called clang-tidy -checks='cppcoreguidelines-*, this includes cppcoreguidelines-pro-type-reinterpret-cast.

This check flags all uses of reinterpret_cast in C++ code.

Use of these casts can violate type safety and cause the program to access a variable that is actually of type X to be accessed as if it were of an unrelated type Z.

This rule is part of the Type safety (Type.1.1) profile from the C++ Core Guidelines.

Type Safety Profile requires that no reinterpret_cast is used at allow, be it safe or not.

In your case you can memcpy the const uint8_t* to a const char*. For me that is too much hassle, I would simple do a reinterpret_cast here which in this case is safe. Because I checked this reinterpret_cast I would add GSL_SUPPRESS(type,1) to suppress the warning. If you can control the clang-tidy call you can simply not enable the cppcoreguidelines-pro-type-reinterpret-cast warning. But maybe there are other reinterpret_casts in your code that are not OK and you want to be warned about them. So in my opinion it is a good choice to enable the check and suppress it where you are sure that it is OK.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.