...
| Code Block | ||
|---|---|---|
| ||
int si = /* some signed value */;
unsigned ui = /* some unsigned value */;
printf("%d\n", (si < 0 || (unsigned)si < ui));
|
Automated Detection
The tool Compass/ROSE does not currently detect violations of this rule, but it could by merely reporting comparisons between unsigned integer types and signed integer types.
Risk Assessment
Misunderstanding integer conversion rules can lead to errors, which in turn can lead to exploitable vulnerabilities. The major risks occur when narrowing the type (which requires a specific cast or assignment), or converting from from unsigned to signed, or from negative to unsigned.
...