CWE-588

Attempt to Access Child of a Non-structure Pointer. [Improper-Control-Of-A-Resource-Through-Its-Lifetime]

Required inputs: IR, StaticSemanticAnalysis

Casting a non-structure type to a structure type and accessing a field can lead to memory access errors or data corruption.

Demonstrative Examples

Example 1

The following example demonstrates the weakness.

Example Language:C
    struct foo
    {
        int i;
    }
    ...
    int main(int argc, char **argv)
    {
        *foo = (struct foo *)main;
        foo->i = 2;
        return foo->i;
    }

Excerpts from CWE [https://cwe.mitre.org], Copyright (C) 2006-2026, the MITRE Corporation. See section 9.4. "3rd-Party Licenses" in the documentation for full details.

Possible Messages

Key	Text	Severity	Disabled
integer-ptr	Access to child of pointer to integer	None	False
non-structure-ptr	Access to child of pointer to non-structure object ‘{}’ of type ‘{}’	None	False
routine-ptr	Access to child of pointer to routine	None	False

Options

• This rule shares the following common options: exclude_in_macros, exclude_messages_in_system_headers, excludes, extend_exclude_to_macro_invocations, includes, justification_checker, languages, post_processing, provider, report_at, severity

• The following places define options that affect this rule: Stylechecks, Analysis-GlobalOptions

check_object_pointer_types

check_object_pointer_types : bool = True

Whether pointer targets of object pointers should be checked to be composites. Otherwise, only function pointers and integers will trigger the rule. Check causes considerable overhead if many pointer targets exist.