CWE-681: Incorrect Conversion between Numeric Types
Description
When converting from one data type to another, such as long to integer, data can be omitted or translated in a way that produces unexpected values. If the resulting values are used in a sensitive context, then dangerous behaviors may occur.
Submission Date: 2008-04-11
Modification Date: 2023-10-26
Organization: MITRE
Example - 1
In the following Java example, a float literal is cast to an integer, thus causing a loss of precision.
int i = (int) 33457.8f;
Example - 2
This code adds a float and an integer together, casting the result to an integer.
$floatVal = 1.8345;
$intVal = 3;
$result = (int)$floatVal + $intVal;
Normally, PHP will preserve the precision of this operation, making $result = 4.8345. After the cast to int, it is reasonable to expect PHP to follow rounding convention and set $result = 5. However, the explicit cast to int always rounds DOWN, so the final value of $result is 4. This behavior may have unintended consequences.
Example - 3
In this example the variable amount can hold a negative value when it is returned. Because the function is declared to return an unsigned int, amount will be implicitly converted to unsigned. If the error condition in the code below is met, then the return value of readdata() will be 4,294,967,295 on a system that uses 32-bit integers.
unsigned int readdata () {
    int amount = 0;
    ...
    if (result == ERROR)
        amount = -1;
    ...
    return amount;
}
Example - 4
In this example, depending on the return value of accessmainframe(), the variable amount can hold a negative value when it is returned. Because the function is declared to return an unsigned value, amount will be implicitly cast to an unsigned number. If the return value of accessmainframe() is -1, then the return value of readdata() will be 4,294,967,295 on a system that uses 32-bit integers.
unsigned int readdata () {
    int amount = 0;
    ...
    amount = accessmainframe();
    ...
    return amount;
}
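As an added example that is not part of the CWE entry, the following C code reproduces the signed-to-unsigned conversion of Examples 3 and 4 and the float truncation of Examples 1 and 2, and places a checked alternative beside each. accessmainframe() is a hypothetical stand-in that returns -1 on error; readdata_safe() and float_to_int_checked() are names chosen here, not from the entry.

```c
#include <limits.h>
#include <math.h>
#include <stdbool.h>
#include <stdio.h>

/* Hypothetical stand-in for the page's accessmainframe(): -1 signals an error. */
static int accessmainframe(int fail) { return fail ? -1 : 42; }

/* Unsafe variant mirroring Example 4: the error value -1 is silently
   converted to UINT_MAX (4,294,967,295 with 32-bit int) on return. */
unsigned int readdata_unsafe(int fail) {
    int amount = 0;
    amount = accessmainframe(fail);
    return amount;                 /* implicit int -> unsigned int conversion */
}

/* Checked variant: the error is reported out of band, so a caller can never
   mistake it for a very large count. The sign is tested BEFORE converting. */
bool readdata_safe(int fail, unsigned int *out) {
    int amount = accessmainframe(fail);
    if (amount < 0)
        return false;
    *out = (unsigned int)amount;   /* provably non-negative here */
    return true;
}

/* Example 1: C truncates toward zero, it does not round. (int)33457.8f == 33457. */
int truncate_float(float f) { return (int)f; }

/* Checked float -> int: reject NaN and values outside int's range instead of
   relying on the cast, which is undefined behaviour for out-of-range inputs.
   The negated comparison also rejects NaN, since every comparison with NaN is false. */
bool float_to_int_checked(double f, int *out) {
    if (!(f >= (double)INT_MIN && f < (double)INT_MAX + 1.0))
        return false;
    *out = (int)f;
    return true;
}

int main(void) {
    unsigned int v;
    printf("unsafe on error: %u\n", readdata_unsafe(1));
    printf("safe on error:   %s\n", readdata_safe(1, &v) ? "value" : "error reported");
    printf("(int)33457.8f = %d\n", truncate_float(33457.8f));
    return 0;
}
```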
Related Weaknesses
This table lists the weaknesses and high-level categories related to this weakness. These relationships are defined to give an overview of similar items that may exist at higher and lower levels of abstraction.
CWE-192: Integer Coercion Error
CWE-194: Unexpected Sign Extension
CWE-195: Signed to Unsigned Conversion Error
CWE-196: Unsigned to Signed Conversion Error
CWE-197: Numeric Truncation Error
CWE-682: Incorrect Calculation
CWE-704: Incorrect Type Conversion or Cast
Visit http://cwe.mitre.org/ for more details.