[Forgot Password]
Login  Register Subscribe












Paid content will be excluded from the download.

Matches : 909 Download | Alert*

Weaknesses in this category are related to improper calculation or conversion of numbers.

Weaknesses in this category are typically found in functionality that processes data.

The software performs a calculation that can produce an integer overflow or wraparound, when the logic assumes that the resulting value will always be larger than the original value. This can introduce other weaknesses when the calculation is used for resource management or execution control.

The product subtracts one value from another, such that the result is less than the minimum allowable integer value, which produces a value that is not equal to the correct result.

Integer coercion refers to a set of flaws pertaining to the type casting, extension, or truncation of primitive data types.

A product calculates or uses an incorrect maximum or minimum value that is 1 more, or 1 less, than the correct value.

The software performs an operation on a number that causes it to be sign extended when it is transformed into a larger data type. When the original number is negative, this can produce unexpected values that lead to resultant weaknesses.

A signed-to-unsigned conversion error takes place when a signed primitive is used as an unsigned value, usually as a size variable.

An unsigned-to-signed conversion error takes place when a large unsigned primitive is used as a signed value.

Truncation errors occur when a primitive is cast to a primitive of a smaller size and data is lost in the conversion.

Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   90

© SecPod Technologies