CWE-1335: Incorrect Bitwise Shift of Integer

BaseDraft

An integer value is specified to be shifted by a negative amount or an amount greater than or equal to the number of bits contained in the value causing an unexpected or indeterminate result.

View on MITRE
Back to CWE Lookup

Extended Description

Specifying a value to be shifted by a negative amount is undefined in various languages. Various computer architectures implement this action in different ways. The compilers and interpreters when generating code to accomplish a shift generally do not do a check for this issue. Specifying an over-shift, a shift greater than or equal to the number of bits contained in a value to be shifted, produces a result which varies by architecture and compiler. In some languages, this action is specifically listed as producing an undefined result.

Technical Details

Structure
Simple

Applicable To

Languages
CC++C#JavaJavaScript
Platforms
Not OS-Specific

Frequently Asked Questions

What is CWE-1335: Incorrect Bitwise Shift of Integer?+

CWE-1335: Incorrect Bitwise Shift of Integer is a Common Weakness Enumeration (CWE) entry maintained by MITRE. An integer value is specified to be shifted by a negative amount or an amount greater than or equal to the number of bits contained in the value causing an unexpected or indeterminate result. Specifying a value to be shifted by a negative amount is undefined in various languages. Various computer architectures implement this action in different ways. The compilers and interpreters when generating code to accomplish a shift generally do not do a check for this issue. Specifying an over-shift, a shift greater than or equal to the number of bits contained in a value to be shifted, produces a result which varies by architecture and compiler. In some languages, this action is specifically listed as producing an undefined result.

What are the security consequences of Incorrect Bitwise Shift of Integer?+

If exploited, CWE-1335 (Incorrect Bitwise Shift of Integer) it can compromise Integrity, leading to outcomes such as DoS: Crash, Exit, or Restart.

How do you prevent or mitigate Incorrect Bitwise Shift of Integer?+

Recommended mitigations for CWE-1335 include: Implicitly or explicitly add checks and mitigation for negative or over-shift values.

Which programming languages are affected by Incorrect Bitwise Shift of Integer?+

CWE-1335 commonly affects C, C++, C#, Java and JavaScript. Note that weaknesses are often language-agnostic patterns, so secure coding practices apply broadly.

What are real-world examples of Incorrect Bitwise Shift of Integer?+

MITRE documents real CVEs mapped to CWE-1335, including CVE-2009-4307, CVE-2012-2100, CVE-2020-8835, CVE-2015-1607 and CVE-2016-9842. You can look up the full details of each CVE, including CVSS scores and remediation guidance, on our CVE Lookup tool.

What is the difference between a CWE and a CVE?+

A CWE (Common Weakness Enumeration) like CWE-1335 describes a category of software weakness — the underlying flaw type. A CVE (Common Vulnerabilities and Exposures) identifies a specific, real-world vulnerability in a particular product. In short, a CWE is the kind of mistake, and a CVE is an instance of that mistake being found in software.

Learn More