False positive report “An integral type is too small to hold a pointer value” for Objective-C

Rules and Languages Report False-positive / False-negative...
1

INFO: SonarQube Scanner 4.6.2.2472
Xcode Version 13.3

We are also experiencing the same issue described by Aleksei and Christophe, with many false alarms for the Objective-C rule “An integral type is too small to hold a pointer value.” Please advise @mpaladin. Thanks.

2

Welcome to the community @kileymk!

As this topic was resolved a few years ago, and you are most likely are encountering a different issue, could you please open the topic for your use case? In addition, we will not be able to provide much advice without getting more context for your issues.
This includes:

  • including some example snippets or even better reproducer for file that contains issues
  • version SonarQube if used, or information if you use SonarCloud

Also, if you are using some older version of SonarQube could you validate if the issue occurs with newest version/LTS?

3

Hi @Tomasz_Kaminski. We are using SonarQube Scanner 4.6.2.2472.

Example code snippet:

- (instancetype)initWithBasePrice:(NSNumber *)basePrice
                             type:(PriceType)type {
    if ((self = [super init])) {
        _basePrice = basePrice;
        _type = type;
    }
    return self;
 }

with PriceType:

typedef NS_ENUM(NSUInteger, PriceType) {
    PriceSaleType,
    PriceListType,
    ...
}

This gives us An integral type is too small to hold a pointer value. on _type = type;

Thanks for the help.

4

Firstly, I moved your post to a new topic (@kileymk).
To help us with the investigation would it possible for you to provide the reproduce file where the issue appears combined with the build-wrapper and analysis log.

To generate the reproducer file:

  • Search in the analysis log for the full path of the source file for which you want to create a reproducer (for instance, a file that contains a false-positive). You will have to use exactly this name (same case, / or \…)
  • Add the reproducer option to the scanner configuration:
    sonar.cfamily.reproducer= “Full path to the .cpp”
  • Re-run the scanner to generate a file named sonar-cfamily.reproducer in the project folder.

Please share this file. If you think this file contains private information, let us know, and we’ll send you a private message that will allow you to send it privately.