Enable const_cast checks
const_cast is an anti pattern. There are a few places we need to do it
for interacting with C APIs, so enable the checks, and ignore the
existing uses.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: If1748213992b97f5e3e04cf9b86a6fcafbb7cf06
diff --git a/.clang-tidy b/.clang-tidy
index 85fc555..462c5bf 100644
--- a/.clang-tidy
+++ b/.clang-tidy
@@ -206,6 +206,7 @@
cppcoreguidelines-macro-usage,
cppcoreguidelines-pro-bounds-array-to-pointer-decay,
cppcoreguidelines-pro-bounds-pointer-arithmetic,
+cppcoreguidelines-pro-type-const-cast,
cppcoreguidelines-pro-type-member-init,
cppcoreguidelines-pro-type-reinterpret-cast,
cppcoreguidelines-special-member-functions,
diff --git a/include/pam_authenticate.hpp b/include/pam_authenticate.hpp
index 1459ea6..10d9116 100644
--- a/include/pam_authenticate.hpp
+++ b/include/pam_authenticate.hpp
@@ -86,8 +86,11 @@
{
std::string userStr(username);
std::string passStr(password);
- const struct pam_conv localConversation = {
- pamFunctionConversation, const_cast<char*>(passStr.c_str())};
+
+ // NOLINTNEXTLINE(cppcoreguidelines-pro-type-const-cast)
+ char* passStrNoConst = const_cast<char*>(passStr.c_str());
+ const struct pam_conv localConversation = {pamFunctionConversation,
+ passStrNoConst};
pam_handle_t* localAuthHandle = nullptr; // this gets set by pam_start
int retval = pam_start("webserver", userStr.c_str(), &localConversation,
@@ -119,8 +122,10 @@
inline int pamUpdatePassword(const std::string& username,
const std::string& password)
{
- const struct pam_conv localConversation = {
- pamFunctionConversation, const_cast<char*>(password.c_str())};
+ // NOLINTNEXTLINE(cppcoreguidelines-pro-type-const-cast)
+ char* passStrNoConst = const_cast<char*>(password.c_str());
+ const struct pam_conv localConversation = {pamFunctionConversation,
+ passStrNoConst};
pam_handle_t* localAuthHandle = nullptr; // this gets set by pam_start
int retval = pam_start("webserver", username.c_str(), &localConversation,
diff --git a/include/ssl_key_handler.hpp b/include/ssl_key_handler.hpp
index dbe596a..fcb79f2 100644
--- a/include/ssl_key_handler.hpp
+++ b/include/ssl_key_handler.hpp
@@ -232,6 +232,8 @@
X509_EXTENSION* ex = nullptr;
X509V3_CTX ctx{};
X509V3_set_ctx(&ctx, cert, cert, nullptr, nullptr, 0);
+
+ // NOLINTNEXTLINE(cppcoreguidelines-pro-type-const-cast)
ex = X509V3_EXT_conf_nid(nullptr, &ctx, nid, const_cast<char*>(value));
if (!ex)
{
diff --git a/redfish-core/lib/virtual_media.hpp b/redfish-core/lib/virtual_media.hpp
index 00c3ecf..f617f4a 100644
--- a/redfish-core/lib/virtual_media.hpp
+++ b/redfish-core/lib/virtual_media.hpp
@@ -501,6 +501,7 @@
template <typename T>
static void secureCleanup(T& value)
{
+ // NOLINTNEXTLINE(cppcoreguidelines-pro-type-const-cast)
auto raw = const_cast<typename T::value_type*>(value.data());
explicit_bzero(raw, value.size() * sizeof(*raw));
}