Integer Overflow High

Converting untrusted input strings to smaller integer types such as int16 or int32 can cause integer overflow when the input represents a number outside the target type's range. A common instance is parsing the string with strconv.Atoi, which returns an int, and then type-converting the result to a smaller integer type: an out-of-range value wraps around the target type's limits instead of producing an error. The wrapped value can cause data loss, unexpected behavior, and errors. Validate the input before such conversions: check that the string parses successfully and that the resulting integer fits within the target type's range.
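The flagged pattern beside two corrected forms, as an added example that is not part of the detector's own documentation. The function names and input strings are constructed for illustration.

```go
package main

import (
	"fmt"
	"math"
	"strconv"
)

// unsafeToInt16 reproduces the flagged pattern: Atoi yields an int, and the
// int16 conversion silently keeps only the low 16 bits.
func unsafeToInt16(s string) (int16, error) {
	n, err := strconv.Atoi(s)
	if err != nil {
		return 0, err
	}
	return int16(n), nil // wraps for values outside [-32768, 32767]
}

// safeToInt16 lets ParseInt enforce the 16-bit range; out-of-range input
// comes back as an error instead of a wrapped value.
func safeToInt16(s string) (int16, error) {
	n, err := strconv.ParseInt(s, 10, 16)
	if err != nil {
		return 0, fmt.Errorf("invalid int16 %q: %w", s, err)
	}
	return int16(n), nil
}

// checkedToInt32 keeps Atoi but validates the range before converting.
func checkedToInt32(s string) (int32, error) {
	n, err := strconv.Atoi(s)
	if err != nil {
		return 0, err
	}
	if n < math.MinInt32 || n > math.MaxInt32 {
		return 0, fmt.Errorf("value %d out of int32 range", n)
	}
	return int32(n), nil
}

func main() {
	// Constructed inputs: one in range, three outside the int16 range.
	for _, in := range []string{"1200", "40000", "65537", "-32769"} {
		u, _ := unsafeToInt16(in)
		s, err := safeToInt16(in)
		fmt.Printf("%-7s unsafe=%-6d safe=%-5d err=%v\n", in, u, s, err)
	}
}
```

The unsafe variant returns a plausible-looking number with a nil error for out-of-range input, which is why the wrapped value tends to surface far from the parsing code.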

Detector ID
go/integer-overflow@v1.0
Category
Common Weakness Enumeration (CWE)