VNX-192 – Integer Coercion Error

Overview

Comparing a signed int to sizeof() (which returns size_t, an unsigned type) causes the signed value to be promoted to unsigned. If the value is negative, it becomes a huge positive number that passes any upper-bound check. Java’s (byte) cast silently truncates values outside -128..127. This maps to CWE-192: Integer Coercion Error.

Severity: Medium | CWE: CWE-192

Remediation

// SAFE: cast to ssize_t for signed comparison
if (n < 0 || (size_t)n >= sizeof(buf)) { return -1; }

// SAFE: range check before narrow cast
int val = Integer.parseInt(input);
if (val < Byte.MIN_VALUE || val > Byte.MAX_VALUE) throw new IllegalArgumentException();
byte b = (byte) val;

References

• CWE-192