gitlab.flawfinder.atoi-1.atol-1._wtoi-1._wtoi64-1


If the source is untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative numbers; consider saving to an unsigned value if that is intended).
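The check this message asks for, as an added example that is not part of the rule or of Flawfinder: a flagged `atoi` call beside a `strtol`-based replacement that enforces both bounds. The helper name `parse_long_in_range`, the 0..65535 range and the sample strings are assumptions made for illustration.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>

/* Flagged by the rule: atoi() reports no errors. A value that does not fit
 * in int is undefined behaviour, and "abc" is indistinguishable from "0". */
int parse_unchecked(const char *s) { return atoi(s); }

/* Hypothetical helper: parse a base-10 integer and enforce [min, max].
 * Returns 0 and stores the value in *out on success, -1 on any rejection. */
int parse_long_in_range(const char *s, long min, long max, long *out)
{
    char *end;
    long v;

    if (s == NULL || *s == '\0')
        return -1;
    errno = 0;
    v = strtol(s, &end, 10);
    if (end == s || *end != '\0')   /* no digits, or trailing garbage */
        return -1;
    if (errno == ERANGE)            /* does not fit in long at all */
        return -1;
    if (v < min || v > max)         /* fits in long, outside caller's bounds */
        return -1;
    *out = v;
    return 0;
}

int main(void)
{
    /* Constructed sample inputs: valid, negative, too large for the range,
     * too large for long, trailing garbage, empty. */
    const char *samples[] = { "512", "-1", "70000",
                              "99999999999999999999", "12x", "" };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        long n;
        if (parse_long_in_range(samples[i], 0, 65535, &n) == 0)
            printf("\"%s\" -> %ld\n", samples[i], n);
        else
            printf("\"%s\" -> rejected\n", samples[i]);
    }
    return 0;
}
```

The maximum is checked even though only the second sample carries a minus sign: the third and fourth inputs are unsigned in appearance and are still rejected.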


Definition

rules:
  - id: flawfinder.atoi-1.atol-1._wtoi-1._wtoi64-1
    languages:
      - c
    message: >
      If source untrusted, check both minimum and maximum, even if the input had
      no minus sign (large numbers can roll over into negative number; consider
      saving to an unsigned value if that is intended).
    metadata:
      cwe: "CWE-190: Unless checked, the resulting number can exceed the expected
        range (CWE-190)"
      primary_identifier: flawfinder.atoi-1.atol-1._wtoi-1._wtoi64-1
      secondary_identifiers:
        - name: Flawfinder - atoi
          type: flawfinder_func_name
          value: atoi
        - name: Flawfinder - atol
          type: flawfinder_func_name
          value: atol
        - name: Flawfinder - _wtoi
          type: flawfinder_func_name
          value: _wtoi
        - name: Flawfinder - _wtoi64
          type: flawfinder_func_name
          value: _wtoi64
      license: MIT
    pattern-either:
      - pattern: atoi(...)
      - pattern: atol(...)
      - pattern: _wtoi(...)
      - pattern: _wtoi64(...)
    severity: INFO