...
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Related Guidelines
Key here (explains table format and definitions)
Taxonomy | Taxonomy item | Relationship |
|---|---|---|
| CERT Oracle Secure Coding Standard for Java | NUM12-J. Ensure conversions of numeric types to narrower types do not result in lost or misinterpreted data | Prior to 2018-01-12: CERT: Unspecified Relationship |
| ISO/IEC TR 24772:2013 | Numeric Conversion Errors [FLC] | Prior to 2018-01-12: CERT: Unspecified Relationship |
| CWE 2.11MITRE CWE | CWE-681, Incorrect Conversion between Numeric Types | 2017-06-29: CERT: Rule subset of CWE |
| CWE 2.11 | CWE-197 | 2017-06-14: CERT: Rule subset of CWE |
CERT-CWE Mapping Notes
Key here for mapping notes
CWE-197 and FLP34-C
Independent( FLP34-C, INT31-C) FIO34-C = Subset( INT31-C)
CWE-197 = Union( FLP34-C, INT31-C)
CWE-195 and FLP34-C
Intersection( CWE-195, FLP34-C) = Ø
Both conditions involve type conversion. However, CWE-195 explicitly focuses on conversions between unsigned vs signed types, whereas FLP34-C focuses on floating-point arithmetic.
CWE-681 and FLP34-C
CWE-681 = Union( FLP34-C, INT31-C)
Bibliography
| [IEEE 754 2006] | |
| [ISO/IEC 9899:2011] | Subclause 6.3.1.4, "Real Floating and Integer" Subclause 6.3.1.5, "Real Floating Types" |
...