2 files changed, 38 insertions, 0 deletions

diff --git a/clang/docs/analyzer/checkers.rst b/clang/docs/analyzer/checkers.rst
index 4e8b318..b2effad 100644
--- a/clang/docs/analyzer/checkers.rst
+++ b/clang/docs/analyzer/checkers.rst
@@ -3086,6 +3086,23 @@ Either the comparison is useless or there is division by zero.
    if (x == 0) { } // warn
  }
 
+.. _alpha-core-StoreToImmutable:
+
+alpha.core.StoreToImmutable (C, C++)
+""""""""""""""""""""""""""""""""""""
+Check for writes to immutable memory regions. This implements part of SEI CERT Rule ENV30-C.
+
+This checker detects attempts to write to memory regions that are marked as immutable,
+including const variables, string literals, and other const-qualified memory.
+
+.. literalinclude:: checkers/storetoimmutable_example.cpp
+    :language: cpp
+
+**Solution**
+
+Avoid writing to const-qualified memory regions. If you need to modify the data,
+remove the const qualifier from the original declaration or use a mutable copy.
+
 alpha.cplusplus
 ^^^^^^^^^^^^^^^
 
diff --git a/clang/docs/analyzer/checkers/storetoimmutable_example.cpp b/clang/docs/analyzer/checkers/storetoimmutable_example.cpp
new file mode 100644
index 0000000..bfd67ef
--- /dev/null
+++ b/clang/docs/analyzer/checkers/storetoimmutable_example.cpp
@@ -0,0 +1,21 @@
+const int global_const = 42;
+
+struct TestStruct {
+  const int x;
+  int y;
+};
+
+void immutable_violation_examples() {
+  *(int *)&global_const = 100; // warn: Trying to write to immutable memory
+
+  const int local_const = 42;
+  *(int *)&local_const = 43; // warn: Trying to write to immutable memory
+
+  // NOTE: The following is reported in C++, but not in C, as the analyzer
+  // treats string literals as non-const char arrays in C mode.
+  char *ptr_to_str_literal = (char *)"hello";
+  ptr_to_str_literal[0] = 'H'; // warn: Trying to write to immutable memory
+
+  TestStruct s = {1, 2};
+  *(int *)&s.x = 10; // warn: Trying to write to immutable memory
+}