C and C++


LANG.STRUCT.PARITH : Pointer Arithmetic

Summary

The +, -, +=, or -= operator is applied to an expression of pointer type.

Exception: subtraction between two pointers does not trigger this warning class.

Properties

Class name Pointer Arithmetic
Japanese class name ポインタ演算
Class category Style (style)
Mnemonic LANG.STRUCT.PARITH
Categories
MisraC2023 MisraC2023:18.1 A pointer resulting from arithmetic on a pointer operand shall address an element of the same array as that pointer operand
  MisraC2023:18.2 Subtraction between pointers shall only be applied to pointers that address elements of the same array
  MisraC2023:18.4 The +, -, += and -= operators should not be applied to an expression of pointer type
Misra2012 Misra2012:18.1 A pointer resulting from arithmetic on a pointer operand shall address an element of the same array as that pointer operand
  Misra2012:18.2 Subtraction between pointers shall only be applied to pointers that address elements of the same array
  Misra2012:18.4 The +, -, += and -= operators should not be applied to an expression of pointer type
Misra2004 Misra2004:17.1 Pointer arithmetic shall only be applied to pointers that address an array or array element
  Misra2004:17.2 Pointer subtraction shall only be applied to pointers that address elements of the same array
  Misra2004:17.4 Array indexing shall be the only allowed form of pointer arithmetic
AUTOSARC++14 AUTOSARC++14:A5-0-4 Pointer arithmetic shall not be used with pointers to non-final classes.
  AUTOSARC++14:M5-0-15 Array indexing shall be the only form of pointer arithmetic.
  AUTOSARC++14:M5-0-16 A pointer operand and any pointer resulting from pointer arithmetic using that operand shall both address elements of the same array.
MisraC++2008 MisraC++2008:5-0-15 Array indexing shall be the only form of pointer arithmetic.
  MisraC++2008:5-0-16 A pointer operand and any pointer resulting from pointer arithmetic using that operand shall both address elements of the same array.
MisraC++2023 MisraC++2023:8.7.1 Pointer arithmetic shall not form an invalid pointer
CWE CWE:823 Use of Out-of-range Pointer Offset
CERT-C CERT-C:ARR30-C Do not form or use out-of-bounds pointers or array subscripts
  CERT-C:ARR37-C Do not add or subtract an integer to a pointer to a non-array object
  CERT-C:ARR39-C Do not add or subtract a scaled integer to a pointer
  CERT-C:EXP08-C Ensure pointer arithmetic is used correctly
  CERT-C:MEM35-C Allocate sufficient memory for an object
CERT-CPP CERT-CPP:CTR50-CPP Guarantee that container indices and iterators are within the valid range
  CERT-CPP:CTR56-CPP Do not use pointer arithmetic on polymorphic objects
JSF++ JSF++:211 Algorithms shall not assume that shorts, ints, longs, floats, doubles or long doubles begin at particular addresses.
  JSF++:215 Pointer arithmetic will not be used.
OWASP-2017 OWASP-2017:A8 Insecure deserialization
OWASP-2021 OWASP-2021:A8 Software and data integrity failures
Supported languages Available for C and C++.
Enabling/disabling Checks for this warning class are disabled by default, and the project requires an unnormalized C AST. To enable them, add the following WARNING_FILTER rule and RETAIN_UNNORMALIZED_C_AST setting to the project configuration file.
RETAIN_UNNORMALIZED_C_AST = Yes
WARNING_FILTER += allow class="Pointer Arithmetic"
Note: Retaining the unnormalized AST can increase disk usage and lengthen analysis time.

void * use_pointers(int *ptra, int *ptrb, int *ptrc);
void * use_ints(int x, int y);

void lang_struct_parith(int *p, int i)
{
    int *p1, *p2, *p3;
    int a, b;
        
    p1 = p + i;    /* 'Pointer Arithmetic' warning issued here */
    p2 = i + p;    /* 'Pointer Arithmetic' warning issued here */
    p2 += i;       /* 'Pointer Arithmetic' warning issued here */
    p2++;                      /* operator is not -, +, +=, or -= */
    p3 = p - 5;    /* 'Pointer Arithmetic' warning issued here */
    p3 -= 4;       /* 'Pointer Arithmetic' warning issued here */
    a = *p - 5;                /* '-' operands are not pointers */                 
    b = p1 - p;                /* exception case: subtraction between two pointers */
    b += 5;                    /* '+=' operands are not pointers */

    use_ints(a,b);
    use_pointers(p1, p2, p3);
}
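
An added example (not from the original page or the tool's documentation): the same window sum written with the flagged operators and then with array indexing plus a length check, the form asked for by MISRA 18.4 and M5-0-15 in the category list above. The function names and sample data are made up for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Flagged form: the start and end pointers are built with '+', so the
   bounds of the underlying array are invisible at this point. */
int sum_window_parith(const int *p, size_t start, size_t count)
{
    int total = 0;
    const int *cur = p + start;     /* + on a pointer: warning class applies */
    const int *end = cur + count;   /* + on a pointer: warning class applies */
    while (cur != end) {
        total += *cur;
        cur++;                      /* ++ is not one of +, -, +=, -= */
    }
    return total;
}

/* Indexed form: the array length travels with the pointer, the window is
   validated before any element is addressed, and only [] is used. */
bool sum_window_indexed(const int arr[], size_t len,
                        size_t start, size_t count, int *out)
{
    if (arr == NULL || out == NULL)
        return false;
    if (start > len || count > len - start)   /* cannot wrap around */
        return false;
    int total = 0;
    for (size_t i = 0; i < count; i++)
        total += arr[start + i];    /* integer arithmetic, then indexing */
    *out = total;
    return true;
}

int main(void)
{
    int data[5] = {1, 2, 3, 4, 5};  /* constructed sample input */
    int out = 0;
    bool ok = sum_window_indexed(data, 5, 1, 3, &out);   /* 2 + 3 + 4 */
    bool bad = sum_window_indexed(data, 5, 3, 3, &out);  /* runs past the end */
    printf("in range: %d sum=%d, out of range accepted: %d\n", ok, out, bad);
    return (ok && !bad) ? 0 : 1;
}
```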

Related configuration file parameters

The following configuration file parameters affect checks for this warning class.