logo

CWE-1335 - Incorrect Bitwise Shift of Integer

CWE-1335

  • Abstraction:
  • Base
  • Structure:
  • Simple
  • Status:
  • Draft
Weakness Name

Incorrect Bitwise Shift of Integer

Description

An integer value is specified to be shifted by a negative amount or an amount greater than or equal to the number of bits contained in the value causing an unexpected or indeterminate result.

Specifying a value to be shifted by a negative amount is undefined in various languages. Various computer architectures implement this action in different ways. The compilers and interpreters when generating code to accomplish a shift generally do not do a check for this issue. Specifying an over-shift, a shift greater than or equal to the number of bits contained in a value to be shifted, produces a result which varies by architecture and compiler. In some languages, this action is specifically listed as producing an undefined result.

Common Consequences

Scope: Integrity

Impact: DoS: Crash, Exit, or Restart

Related Weaknesses
  • Release Date:
  • 2021-07-20
  • Latest Modification Date:
  • 2023-06-29

Free security scan for your website