CWE-196

• CWE ID
• 196

• CWE Name
• Unsigned to Signed Conversion Error

• CWE Abstraction
• Variant

• CWE structure
• Simple

• CWE Status
• Draft

The software uses an unsigned primitive and performs a cast to a signed primitive, which can produce an unexpected value if the value of the unsigned primitive can not be represented using a signed primitive.

Although less frequent an issue than signed-to-unsigned conversion, unsigned-to-signed conversion can be the perfect precursor to dangerous buffer underwrite conditions that allow attackers to move down the stack where they otherwise might not have access