...

The right-shift operation may be implemented as either an arithmetic (signed) shift or a logical (unsigned) shift. If E1 in the expression E1 >> E2 has a signed type and a negative value, the resulting value is implementation-defined. Also, be careful to avoid undefined behavior while performing a bitwise shift. (See INT34-C. Do not shift a negative number of bits or more bits than exist in the operand.)
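The following C code is an added example, not code from the CERT guideline; the function names are hypothetical and it assumes unsigned int has no padding bits. It keeps the shifted operand unsigned so the result does not depend on whether the implementation's signed right shift is arithmetic or logical, and it rejects the shift counts that INT34-C forbids.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Width of unsigned int in bits (assumption: no padding bits). */
#define UINT_BITS ((unsigned int)(sizeof(unsigned int) * CHAR_BIT))

/* Logical right shift: the operand is unsigned, so zeros are always
 * shifted in. Rejects counts that INT34-C forbids (>= operand width). */
bool logical_shr(unsigned int value, unsigned int count, unsigned int *out) {
    if (count >= UINT_BITS) return false;
    *out = value >> count;
    return true;
}

/* Arithmetic right shift of a 32-bit two's complement bit pattern held
 * in an unsigned type: the sign bit is replicated explicitly instead of
 * relying on what >> does to a negative signed operand. */
bool arithmetic_shr32(uint32_t bits, unsigned int count, uint32_t *out) {
    if (count >= 32u) return false;
    uint32_t shifted = bits >> count;
    if (bits & UINT32_C(0x80000000)) {
        shifted |= ~(UINT32_MAX >> count); /* set the vacated high bits */
    }
    *out = shifted;
    return true;
}

/* Reports this implementation's choice for a negative signed operand. */
bool signed_shr_is_arithmetic(void) {
    int neg = -1;
    return (neg >> 1) < 0; /* implementation-defined result */
}

int main(void) {
    uint32_t r;
    /* Constructed sample: 0xFFFFFFF0 is the 32-bit pattern of -16. */
    if (arithmetic_shr32(UINT32_C(0xFFFFFFF0), 2, &r))
        printf("arithmetic: 0x%08lX\n", (unsigned long)r);
    printf("signed >> here is %s\n",
           signed_shr_is_arithmetic() ? "arithmetic" : "logical");
    return 0;
}
```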

...

Also, consider using the sprintf_s() function defined in ISO/IEC TR 24731-1, instead of snprintf(), to provide some additional checks. (See STR07-C. Use TR 24731 for remediation of existing string manipulation code.)

...

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Related Guidelines

CERT C++ Secure Coding Standard: INT13-CPP. Use bitwise operators only on unsigned operands

ISO/IEC 9899:1999 Section 6.5.7, "Bitwise shift operators"

ISO/IEC PDTR 24772 "STR Bit Representations," "XYY Wrap-around Error," and "XZI Sign Extension Error"

MITRE CWE: CWE-682, "Incorrect Calculation" (http://cwe.mitre.org/data/definitions/682.html)

Bibliography

[Dowd 2006] Chapter 6, "C Language Issues"

[ISO/IEC 2003] Section 6.5.7, "Bitwise shift operators"
