Page History

...

Tool

Version

Checker

Description

Fortify SCA

V. 5.0

Can detect violations of this rule with CERT C Rule Pack.

Compass/ROSE

Can detect violations of this rule. It should look for patterns of (a op1 b) op2 c where:

- c has a bigger type than a or b
- Neither a nor b are typecast to c's type
- op2 is assignment or comparison

Fortify SCA

5.0

Can detect violations of this rule with CERT C Rule Pack.

PRQA QA-C

Include Page

	PRQA_V
	PRQA_V

1890
1891
1892
1893
1894
1895
2790 (C)

Partially implemented.

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Related Guidelines

CERT C++ Secure Coding Standard

...

	INT35-CPP. Evaluate integer expressions in a larger size before comparing or assigning to that size

...


ISO/IEC TR 24772

...

Numeric conversion errors

...

[FLC]

MITRE CWE

...

CWE-681,

...

Incorrect conversion between numeric types

...

CWE-190,

...

Integer overflow (wrap or wraparound)

...

Bibliography

[Dowd 2006]	Chapter 6, "C Language Issues"
[Seacord 2005a]	Chapter 5, "Integer Security"

...

Space shortcuts

Page tree

Versions Compared

Old Version 70

New Version 71

Key

Related Vulnerabilities

Related Guidelines

Bibliography