[C-safe-secure-studygroup] Rule 8.13 review

Martin Sebor msebor at gmail.com
Wed Aug 9 15:40:53 UTC 2017


This is my long overdue assignment to review Rule 8.13 --
A pointer should point to a const-qualified type whenever
possible.

A strict reading of the rule implies that it applies to every
declaration of a pointer object, including local variables.
While I'm a big believer in following this rule to its full
extent, I'm not aware of any projects that do go this far.
Not C++, and certainly not C where const correctness is often
defeated by the language itself due to the holes in <string.h>
and <stdlib.h>.  I suspect that a checker that indiscriminately
enforced this strict interpretation of the rule would be far
too noisy to be of practical use.

However, all the examples in the rule are those of function
arguments of pointer types.  That suggests that the rule's
intent may be to only require const in those contexts, and
not also in declarations of pointers at local scope.  If
the rule were constrained only to function arguments (while
of course not allowing for the removal of const at local
scope) I think it would be applicable even to C and worth
including in our document, perhaps as an "advisory"
recommendation, if there is such a category.

Martin
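The contrast the post draws, between const-qualifying a pointer function argument and the <string.h> interfaces that quietly drop const, as an added example (this code is not from the post or from the study group's document; the helper names `count_digits`, `count_digits_nonconst`, `demonstrate_strchr_hole` and `find_char_const` are hypothetical):

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Before: the argument is a plain char * even though the function only
 * reads through it. Nothing stops a future edit from writing to the
 * caller's buffer, and a caller holding a const buffer has to cast. */
size_t count_digits_nonconst(char *p)
{
    size_t n = 0;
    for (; *p != '\0'; ++p)
        if (*p >= '0' && *p <= '9')
            ++n;
    return n;
}

/* After (Rule 8.13 applied to the function argument): const documents
 * and enforces read-only access, and callers can pass const or non-const
 * buffers alike without casts. Any write through p is now a compile error. */
size_t count_digits(const char *p)
{
    size_t n = 0;
    for (; *p != '\0'; ++p)
        if (*p >= '0' && *p <= '9')
            ++n;
    return n;
}

/* The <string.h> hole the post alludes to: strchr accepts const char *
 * but returns char *, so the qualifier is stripped without any diagnostic.
 * The write below is only defined because buf itself is writable; had the
 * object really been const, this would be undefined behaviour that the
 * type system did not catch. */
int demonstrate_strchr_hole(void)
{
    char buf[] = "key=value";     /* constructed sample; writable storage */
    const char *view = buf;       /* read-only view of the same bytes */
    char *eq = strchr(view, '=');  /* const char * in, char * out */
    if (eq != NULL)
        *eq = ':';                /* compiles cleanly; the const view protected nothing */
    return buf[3] == ':';         /* 1: the buffer was modified through the "const" view */
}

/* A const-preserving wrapper closes the hole for callers that only need
 * to read: char * converts implicitly to const char *, and code holding
 * the result cannot write through it without an explicit cast. */
const char *find_char_const(const char *s, int c)
{
    return strchr(s, c);
}

int main(void)
{
    char scratch[] = "a1b22c333";
    printf("digits (non-const arg): %zu\n", count_digits_nonconst(scratch));
    printf("digits (const arg):     %zu\n", count_digits("a1b22c333"));
    printf("strchr stripped const:  %d\n", demonstrate_strchr_hole());
    const char *hit = find_char_const("key=value", '=');
    printf("const-preserving find:  %s\n", hit ? hit : "(null)");
    return 0;
}
```

Both `count_digits` variants behave identically; the difference is only in what the compiler will let a caller or a later maintainer do with the pointer, which is exactly the property Rule 8.13 is after. The `strchr` case shows why the rule cannot be fully enforced by local declarations alone in C: a perfectly const-correct local `view` still yields a writable pointer through the standard library.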


