11.3 - char * to uint8_t *

Moderators: misra-c, david ward

Post Reply
delta_controls
Posts: 15
Joined: Wed Feb 03, 2016 2:15 pm
Company: Delta Controls Ltd

11.3 - char * to uint8_t *

Post by delta_controls » Wed Apr 27, 2016 12:05 pm

In the following example there is an implicit conversion from (char *) to (uint8_t *):

Code: Select all

extern void print(const uint8_t *text);

int main(void)
{
    print("Some text");
}
Am I correct in thinking that this is compliant? Or does the exception to rule 11.3 only apply when conversions are explicit?

Thanks.

delta_controls
Posts: 15
Joined: Wed Feb 03, 2016 2:15 pm
Company: Delta Controls Ltd

Re: 11.3 - char * to uint8_t *

Post by delta_controls » Thu May 05, 2016 1:55 pm

Having given this more thought, I have realised that the example is not relevant to the rule, as casts are explicit conversions by definition.

My understanding is that there are no rules with which the example is non-compliant and the conversion is safe.

delta_controls
Posts: 15
Joined: Wed Feb 03, 2016 2:15 pm
Company: Delta Controls Ltd

Re: 11.3 - char * to uint8_t *

Post by delta_controls » Tue May 10, 2016 12:12 pm

This is due to a misinterpretation of Directive 4.6, which doesn't apply to data that are essentially character. In the example, plain char should have been used for the input parameter.

delta_controls
Posts: 15
Joined: Wed Feb 03, 2016 2:15 pm
Company: Delta Controls Ltd

Re: 11.3 - char * to uint8_t *

Post by delta_controls » Tue May 10, 2016 9:14 pm

The conversion in the example is actually a constraint violation and an explicit cast would be required. Rule 11.3 would then be satisfied by exception.

misra-c
Posts: 571
Joined: Thu Jan 05, 2006 1:11 pm

Re: 11.3 - char * to uint8_t *

Post by misra-c » Fri May 20, 2016 12:47 pm

This response assumes that uint8_t is defined as "unsigned char".

Section 8.11 of the MISRA-C:2012 guidelines summarizes the implicit conversions that are permitted by the C language. The list of permitted implicit conversions does not include conversions from char* to unsigned char*. Therefore your example violates the constraints of the C language and hence is not compliant with rule 1.1 of the MISRA-C:2012 guidelines.

The example is also not compliant with rule 7.4, which states that "A string literal shall not be assigned to an object unless the object's type is "pointer to const-qualified char"". Assigned includes the implicit conversion that occur on passing an argument to a function.
---
Posted by and on behalf of
the MISRA C Working Group

delta_controls
Posts: 15
Joined: Wed Feb 03, 2016 2:15 pm
Company: Delta Controls Ltd

Re: 11.3 - char * to uint8_t *

Post by delta_controls » Tue May 24, 2016 10:04 am

Thanks for the response. To summarise, I think the following is correct:

Code: Select all

extern void print1(const char *text);
extern void print2(const uint8_t *text);

int main(void)
{
    const char *txt = "Some text";
    
    print1("Some text");                // Compliant (preferred solution)
    print2((uint8_t *)"Some text");     // Compliant
    print2((uint8_t *)txt);             // Compliant
}

Post Reply

Return to “8.11 Pointer type conversions”