fix(security): resolve CodeQL SM02986 char*/wchar_t* cast warnings#1602
Merged
Conversation
Fixes 10 instances of CodeQL security finding SM02986 ('Cast from
char* to wchar_t*') across three shared source files.
Changes:
- core_util.cpp: Use intermediate SQLWCHAR* variable in
convert_string_from_utf16_inplace to avoid inline cast; add
clarifying comments for two void*->SQLWCHAR* malloc casts.
- core_stream.cpp: Extract single LPCWSTR intermediate variable before
#ifdef branches in sqlsrv_stream_read (CP_UTF8 path) with comment
explaining ODBC fills the buffer as SQL_C_WCHAR even though allocated
as char*.
- core_stmt.cpp: Remove redundant reinterpret_cast in
convert_input_str_to_utf16 (str is already char*); add typed
intermediate variable for SQLPOINTER buffer cast in
process_string_param; add typed intermediate for SQLWCHAR* cast in
process_output_string; add clarifying comments for intentional
SQLWCHAR*->char* binary storage casts.
No behavioral changes. All casts are semantically correct; changes
improve readability and satisfy the static analysis rule.
Verified: BUILD_EXIT_CODE=0 for both sqlsrv and pdo_sqlsrv extensions
against PHP 8.4.14 (VS2022 x64 ZTS).
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## dev #1602 +/- ##
=======================================
Coverage 85.74% 85.75%
=======================================
Files 23 23
Lines 7221 7223 +2
=======================================
+ Hits 6192 6194 +2
Misses 1029 1029
🚀 New features to boost your workflow:
|
gargsaumya
approved these changes
Apr 21, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This pull request improves the clarity and safety of type casting and buffer handling when converting between character encodings, especially around UTF-16 data. The changes add explanatory comments to document why certain casts are safe and clarify the intent behind buffer manipulations. No functional logic has changed, but the code is now safer to maintain and easier to understand.
Encoding and Buffer Handling Clarifications:
Added detailed comments explaining the rationale and safety of casting between
char*,void*, andSQLWCHAR*(UTF-16) in string conversion and buffer allocation functions. This is done in functions such asconvert_input_str_to_utf16,process_string_param,finalize_output_string,convert_string_from_utf16_inplace, andutf16_string_from_mbcs_stringincore_stmt.cppandcore_util.cpp.Clarified buffer handling and casting in the stream reading logic, ensuring that reinterpretation of buffers as UTF-16 is safe due to ODBC guarantees. (
core_stream.cpp)ODBC Error Handling:
SQLWCHAR*is safe in ODBC error retrieval. (core_util.cpp)