3 files changed, 11 insertions, 8 deletions

diff --git a/src/libstore/build/worker.cc b/src/libstore/build/worker.cc
index aaa4e8907..a27cb0076 100644
--- a/src/libstore/build/worker.cc
+++ b/src/libstore/build/worker.cc
@@ -1,3 +1,4 @@
+#include "charptr-cast.hh"
 #include "machines.hh"
 #include "worker.hh"
 #include "substitution-goal.hh"
@@ -539,7 +540,7 @@ void Worker::waitForInput()
                 } else {
                     printMsg(lvlVomit, "%1%: read %2% bytes",
                         goal->getName(), rd);
-                    std::string_view data(reinterpret_cast<char *>(buffer.data()), rd);
+                    std::string_view data(charptr_cast<char *>(buffer.data()), rd);
                     j->lastOutput = after;
                     handleWorkResult(goal, goal->handleChildOutput(k, data));
                 }
diff --git a/src/libstore/crypto.cc b/src/libstore/crypto.cc
index e8ab15537..6f4a36735 100644
--- a/src/libstore/crypto.cc
+++ b/src/libstore/crypto.cc
@@ -1,3 +1,4 @@
+#include "charptr-cast.hh"
 #include "crypto.hh"
 #include "file-system.hh"
 #include "globals.hh"
@@ -44,15 +45,15 @@ std::string SecretKey::signDetached(std::string_view data) const
 {
     unsigned char sig[crypto_sign_BYTES];
     unsigned long long sigLen;
-    crypto_sign_detached(sig, &sigLen, reinterpret_cast<const unsigned char *>(data.data()), data.size(),
-        reinterpret_cast<const unsigned char *>(key.data()));
+    crypto_sign_detached(sig, &sigLen, charptr_cast<const unsigned char *>(data.data()), data.size(),
+        charptr_cast<const unsigned char *>(key.data()));
     return name + ":" + base64Encode(std::string(reinterpret_cast<char *>(sig), sigLen));
 }
 
 PublicKey SecretKey::toPublicKey() const
 {
     unsigned char pk[crypto_sign_PUBLICKEYBYTES];
-    crypto_sign_ed25519_sk_to_pk(pk, reinterpret_cast<const unsigned char *>(key.data()));
+    crypto_sign_ed25519_sk_to_pk(pk, charptr_cast<const unsigned char *>(key.data()));
     return PublicKey(name, std::string(reinterpret_cast<char *>(pk), crypto_sign_PUBLICKEYBYTES));
 }
 
@@ -85,9 +86,9 @@ bool verifyDetached(const std::string & data, const std::string & sig,
     if (sig2.size() != crypto_sign_BYTES)
         throw Error("signature is not valid");
 
-    return crypto_sign_verify_detached(reinterpret_cast<unsigned char *>(sig2.data()),
-        reinterpret_cast<const unsigned char *>(data.data()), data.size(),
-        reinterpret_cast<const unsigned char *>(key->second.key.data())) == 0;
+    return crypto_sign_verify_detached(charptr_cast<unsigned char *>(sig2.data()),
+        charptr_cast<const unsigned char *>(data.data()), data.size(),
+        charptr_cast<const unsigned char *>(key->second.key.data())) == 0;
 }
 
 PublicKeys getDefaultPublicKeys()
diff --git a/src/libstore/sqlite.cc b/src/libstore/sqlite.cc
index 3114aad48..8d0bfcb11 100644
--- a/src/libstore/sqlite.cc
+++ b/src/libstore/sqlite.cc
@@ -1,3 +1,4 @@
+#include "charptr-cast.hh"
 #include "sqlite.hh"
 #include "globals.hh"
 #include "logging.hh"
@@ -201,7 +202,7 @@ bool SQLiteStmt::Use::next()
 
 std::optional<std::string> SQLiteStmt::Use::getStrNullable(int col)
 {
-    auto s = reinterpret_cast<const char *>(sqlite3_column_text(stmt, col));
+    auto s = charptr_cast<const char *>(sqlite3_column_text(stmt, col));
     return s != nullptr ? std::make_optional<std::string>((s)) : std::nullopt;
 }