Status: Incomplete
Weakness ID: 194 (Weakness Base)

Description Summary
If a signed number is extended incorrectly and negative numbers are used, an incorrect extension may result.

Extended Description
Sign extension errors, if they are used to collect information from smaller signed sources, can often create buffer overflows and other memory-based problems.

Likelihood of Exploit
High

Common Consequences
Integrity: If one attempts to sign-extend a negative variable with an unsigned extension algorithm, it will produce an incorrect result.
Authorization: Sign extension errors, if they are used to collect information from smaller signed sources, can often create buffer overflows and other memory-based problems.

Potential Mitigations
Implementation: Use a sign extension library or standard function to extend signed numbers.
Implementation: When extending signed numbers, fill in the new bits with 0 if the sign bit is 0, or fill the new bits with 1 if the sign bit is 1.

Demonstrative Examples
C Example:

    #include <stdio.h>

    /* Two 16-bit fields laid out where a single 32-bit int would fit. */
    struct fakeint {
        short f0;
        short zeros;
    };

    int main(void)
    {
        struct fakeint strange;
        struct fakeint strange2;

        strange.f0 = -240;
        strange2.f0 = 240;
        strange2.zeros = 0;
        strange.zeros = 0;

        /* The second argument passes the whole struct where %d expects an
           int, so the other half of the value comes from zeros, not from
           the sign of f0. */
        printf("%d %d\n", strange.f0, strange);
        printf("%d %d\n", strange2.f0, strange2);
        return 0;
    }
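The following is an added example, not part of the original entry: it applies the mitigation rule above to the 16-bit pattern of -240 and contrasts a length check that lets a sign-extended value reach a size parameter with a corrected one. MAX_LEN and all function names are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define MAX_LEN 64 /* hypothetical destination buffer size (assumption) */

/* Zero extension: the new high bits are always 0, as with the zeros field. */
static int32_t zero_extend16(uint16_t raw)
{
    return (int32_t)raw;
}

/* Sign extension per the mitigation: new high bits copy the sign bit. */
static int32_t sign_extend16(uint16_t raw)
{
    uint32_t wide = raw;
    if (raw & 0x8000u)
        wide |= 0xFFFF0000u;
    /* Convert the two's complement bit pattern to a signed value portably. */
    return (wide & 0x80000000u) ? -(int32_t)(~wide) - 1 : (int32_t)wide;
}

/* Weak pattern: signed bound check, then widening to an unsigned size. */
static size_t copy_size_unchecked(short len)
{
    if (len > MAX_LEN) /* signed compare: a negative len passes */
        return 0;
    return (size_t)len; /* sign-extended to the width of size_t */
}

/* Corrected pattern: reject negative and oversized values before widening. */
static int copy_size_checked(short len, size_t *out)
{
    if (len < 0 || len > MAX_LEN)
        return -1;
    *out = (size_t)len;
    return 0;
}

int main(void)
{
    size_t n = 0;
    uint16_t raw = 0xFF10; /* bit pattern of (short)-240, constructed sample */
    printf("zero-extended: %d\n", (int)zero_extend16(raw));
    printf("sign-extended: %d\n", (int)sign_extend16(raw));
    printf("unchecked size: %zu\n", copy_size_unchecked(-240));
    printf("checked: %d\n", copy_size_checked(-240, &n));
    return 0;
}
```

The unchecked function returns the byte count a memcpy-style call would be given; for a negative input that count is far larger than MAX_LEN.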
Relationships
Taxonomy Mappings
Applicable Platforms
Languages: C, C++, Java, .NET

Time of Introduction
Implementation

Content History
Submissions: CLASP. (Externally Mined)
Modifications: CWE Content Team. MITRE. 2008-09-08. (Internal) updated Applicable_Platforms, Common_Consequences, Description, Relationships, Taxonomy_Mappings
Previous Entry Names: Sign Extension Error (changed 2008-04-11)