CWE
Home > CWE List > CWE- Individual Dictionary Definition (1.6)  

CWE-704: Incorrect Type Conversion or Cast

 
Incorrect Type Conversion or Cast
Weakness ID: 704 (Weakness Class)Status: Incomplete
+ Description

Description Summary

The software does not correctly convert an object, resource or structure from one type to a different type.
+ Time of Introduction
  • Architecture and Design
  • Implementation
+ Applicable Platforms

Languages

C: (Often)

C++: (Often)

All

+ Relationships
NatureTypeIDNameView(s) this relationship pertains toView(s)
ChildOfWeakness ClassWeakness Class664Improper Control of a Resource Through its Lifetime
Research Concepts (primary)1000
ChildOfCategoryCategory737CERT C Secure Coding Section 03 - Expressions (EXP)
Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734
ChildOfCategoryCategory741CERT C Secure Coding Section 07 - Characters and Strings (STR)
Weaknesses Addressed by the CERT C Secure Coding Standard734
ChildOfCategoryCategory747CERT C Secure Coding Section 49 - Miscellaneous (MSC)
Weaknesses Addressed by the CERT C Secure Coding Standard734
ParentOfWeakness VariantWeakness Variant588Attempt to Access Child of a Non-structure Pointer
Research Concepts (primary)1000
ParentOfWeakness BaseWeakness Base681Incorrect Conversion between Numeric Types
Research Concepts (primary)1000
+ Taxonomy Mappings
Mapped Taxonomy NameNode IDFitMapped Node Name
CERT C Secure CodingEXP05-CDo not cast away a const qualification
CERT C Secure CodingMSC31-CEnsure that return values are compared against the proper type
CERT C Secure CodingSTR34-CCast characters to unsigned types before converting to larger integer sizes
CERT C Secure CodingSTR37-CArguments to character handling functions must be representable as an unsigned char
+ Content History
Modifications
Modification DateModifierOrganizationSource
2008-07-01Eric DalciCigitalExternal
updated Time of Introduction
2008-11-24CWE Content TeamMITREInternal
updated Relationships, Taxonomy Mappings
2009-05-27CWE Content TeamMITREInternal
updated Description
Back to top
Page Last Updated: October 29, 2009
 

CWE is a Software Assurance strategic initiative sponsored by the National Cyber Security Division of the U.S. Department of Homeland Security.

This Web site is hosted by The MITRE Corporation.
Copyright 2009, The MITRE Corporation. CWE and the CWE logo are trademarks of The MITRE Corporation.

Contact cwe@mitre.org for more information.
Privacy policy
Terms of use
Contact us