CWE-196
Unsigned to Signed Conversion Error
The product uses an unsigned primitive and performs a cast to a signed primitive, which can produce an unexpected value if the value of the unsigned primitive cannot be represented using a signed primitive.
Mitigation
Phase: Requirements
Description:
- Choose a language which is not subject to these casting flaws.
Mitigation
Phase: Architecture and Design
Description:
- Design object accessor functions to implicitly check values for valid sizes. Ensure that the results of all functions that will be used as a size are checked before being used as a size. If the language permits, throw exceptions rather than using in-band errors.
Mitigation
Phase: Implementation
Description:
- Check the return values of all functions for errors. Be aware of any implicit casts, and use unsigned variables for sizes if at all possible.
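The conversion error described above, next to an accessor-style size check that keeps the length unsigned, as an added C example that is not part of the CWE entry. The names flawed_accepts, checked_len, copy_payload and the 64-byte BUF_SIZE are hypothetical, and the negative result of the cast assumes a common two's-complement target such as those of GCC or Clang.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BUF_SIZE 64u  /* hypothetical destination capacity */

/* Flawed check: the unsigned wire length is cast to int before the
 * upper-bound test. Values above INT_MAX turn negative (assumed
 * two's-complement platform) and slip past the "too large" test.
 * Returns 1 if the length would be accepted. */
int flawed_accepts(uint32_t wire_len)
{
    int len = (int)wire_len;       /* unsigned -> signed conversion */
    return len <= (int)BUF_SIZE;   /* e.g. -1 <= 64 is true */
}

/* Hardened accessor: the length stays unsigned and is validated against
 * the buffer capacity and the bytes actually available. The status is
 * returned separately from the size, so no in-band error value exists. */
int checked_len(uint32_t wire_len, size_t avail, size_t *out)
{
    if (wire_len > BUF_SIZE || wire_len > avail)
        return -1;
    *out = (size_t)wire_len;
    return 0;
}

/* Copy using only a size that passed checked_len(). dst must hold BUF_SIZE bytes. */
int copy_payload(uint8_t *dst, const uint8_t *src, size_t avail,
                 uint32_t wire_len, size_t *copied)
{
    size_t n;
    if (checked_len(wire_len, avail, &n) != 0)
        return -1;
    memcpy(dst, src, n);
    *copied = n;
    return 0;
}

int main(void)
{
    uint8_t src[8] = {1, 2, 3, 4, 5, 6, 7, 8}, dst[BUF_SIZE]; /* constructed input */
    size_t copied = 0;
    printf("flawed check accepts 0xFFFFFFFF: %d\n", flawed_accepts(0xFFFFFFFFu));
    printf("hardened copy status: %d\n", copy_payload(dst, src, sizeof src, 0xFFFFFFFFu, &copied));
    return 0;
}
```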
CAPEC-92: Forced Integer Overflow
This attack forces an integer variable to go out of range. The integer variable is often used as an offset or a size, for example the size of a memory allocation. The attacker typically controls the value of the variable and tries to push it out of range. For instance, if the integer in question is incremented past the maximum possible value, it may wrap to become a very small or negative number, providing an incorrect value that can lead to unexpected behavior. At worst, the attacker can execute arbitrary code.