CWE-681 - Incorrect Conversion between Numeric Types
- Abstraction:Base
- Structure:Simple
- Status:Draft
- Release Date:2008-04-11
- Latest Modification Date:2024-02-29
Weakness Name
Incorrect Conversion between Numeric Types
Description
When converting from one data type to another, such as long to integer, data can be omitted or translated in a way that produces unexpected values. If the resulting values are used in a sensitive context, then dangerous behaviors may occur.
Common Consequences
Scope: Other, Integrity
Impact: Unexpected State, Quality Degradation
Notes: The program could wind up using the wrong number and generate incorrect results. If the number is used to allocate resources or make a security decision, then this could introduce a vulnerability.