...
Use only signed char and unsigned char types for the storage and use of numeric values, as this is the only portable way to guarantee the signedness of the character types. See STR00-A. Represent characters using an appropriate type for more information on representing characters.
...
This is a subtle error that results in a disturbingly broad range of potentially severe vulnerabilities. At the very least, this error can lead to unexpected numerical results on different platforms. When unexpected arithmetic values are applied to arrays or pointers, they can yield buffer overflows or other invalid memory accesses.
Recommendation | Severity | Likelihood | Remediation Cost | Priority | Level |
---|---|---|---|---|---|
INT07-A | medium | probable | medium | P8 | L2 |
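The following added example (not code from the original page) shows the platform-dependent result described above: the same numeric value stored in plain char divides and indexes differently depending on whether the implementation treats char as signed. All function names and the 256-entry table size are assumptions made for the illustration.

```c
#include <limits.h>
#include <stdio.h>

#define TABLE_SIZE 256 /* constructed sample: a table indexed by one byte */

/* 1 when plain char is signed on this implementation, 0 otherwise. */
int plain_char_is_signed(void) { return CHAR_MIN < 0; }

/* Non-portable: the divisor is kept in plain char, so its sign
 * depends on the implementation. Callers must pass a nonzero d. */
int divide_plain(int n, int d) { char c = (char)d; return n / c; }

/* Portable: the signedness of the stored value is stated explicitly. */
int divide_unsigned(int n, int d) { unsigned char c = (unsigned char)d; return n / c; }
int divide_signed(int n, int d) { signed char c = (signed char)d; return n / c; }

/* A byte value used as an array index. Held in plain char it can become
 * negative; held in unsigned char it always stays within 0..UCHAR_MAX. */
int index_plain(int byte) { char c = (char)byte; return c; }
int index_unsigned(int byte) { unsigned char c = (unsigned char)byte; return c; }

/* Bounds check a caller would apply before touching the table. */
int index_in_bounds(int idx) { return idx >= 0 && idx < TABLE_SIZE; }

int main(void) {
    printf("plain char is %s here\n",
           plain_char_is_signed() ? "signed" : "unsigned");
    printf("1000 / 200 via plain char:    %d\n", divide_plain(1000, 200));
    printf("1000 / 200 via unsigned char: %d\n", divide_unsigned(1000, 200));
    printf("index from byte 200, plain char:    %d (in bounds: %d)\n",
           index_plain(200), index_in_bounds(index_plain(200)));
    printf("index from byte 200, unsigned char: %d (in bounds: %d)\n",
           index_unsigned(200), index_in_bounds(index_unsigned(200)));
    return 0;
}
```

Where plain char is signed, the plain char index fails the bounds check because the stored value is negative; code that skips such a check reads before the start of the table.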
...