2

I have the following line of code,

const CHAR* GetText() { return Text; } // Text is char[16]"Character Array"

The Fortify security tool is complaining about the above line as follows: Type Mismatch: Signed to Unsigned GetText()is declared to return an unsigned value, but on line xxx it returns a signed value.

I did not understand where i am converting it from signed to unsigned. I do understand the signed to unsigned conversion stuff if it is related to integers.

If i inferred correctly from the line of code, Is char which being returned a signed char? Is LPCSTR(const char*)the return type is unsigned char?

How do we assume (Text-which is a string) is signed and unsigned?

Any help would be appreciated.

Siva
  • 1,281
  • 2
  • 19
  • 41
  • Please note that `char` is `signed` by default on some compilers. – KYHSGeekCode Aug 29 '18 at 10:53
  • What is `LPCSTR`? – melpomene Aug 29 '18 at 11:01
  • @melpomene https://stackoverflow.com/a/321448/560648 – Lightness Races in Orbit Aug 29 '18 at 11:05
  • Something's not quite right here because `LPCSTR` is supposed to be `const char*` (https://msdn.microsoft.com/en-us/library/cc230350.aspx). What is "the" security tool? – Lightness Races in Orbit Aug 29 '18 at 11:06
  • @AlexF It would be preferable to understand the cause of the problem. – Lightness Races in Orbit Aug 29 '18 at 11:07
  • @KYHSGeekCode Signed yes, `signed` no - `char` is still just `char` in any case – Lightness Races in Orbit Aug 29 '18 at 11:08
  • @LightnessRacesinOrbit That assumes OP is using the standard windows headers. I'd like to see a [mcve]. – melpomene Aug 29 '18 at 11:19
  • @LightnessRacesinOrbit I updated my question with what tool i am using. The code that i added in my question is where the security tool is complaining about. On what basis it is considering char array in return statement as signed and const char*(return type) as unsigned? That is what exactly i meant. Please suggest if any way. – Siva Aug 29 '18 at 11:42
  • @Siva Yeah I don't know. Unless the tool is buggy, or `Text` is not what the question says it is, or LPCSTR is not the MS definition... [MCVE] please! – Lightness Races in Orbit Aug 29 '18 at 12:15
  • I found the answer finally. As i told "Text" is a char array which is of type signed whereas LPCTSTR which is const char* the return type for the method GetText() which is of unsigned type. As the method expects an unsigned value as return but in actual the method is returning signed value(char array) and this is the reason why the tool is complaining. I found out the type of const char* is signed or unsigned by using "std::is_signed" from "type_traits.h" file. – Siva Aug 29 '18 at 12:24
  • even with your edit, the type of `CHAR` is not stated. – jwm Nov 19 '20 at 22:52

0 Answers0