**CodeQL queries 1.23**

**Name:** Multiplication result converted to larger type

**Description:** A multiplication result that is converted to a larger type can be a sign that the result can overflow the type converted from.

**ID:** cpp/integer-multiplication-cast-to-long

**Kind:** problem

**Severity:** warning

**Precision:** high

This rule finds code that converts the result of an integer multiplication to a larger type.
Since the conversion applies *after* the multiplication, arithmetic overflow may still occur.

The rule flags every multiplication of two non-constant integer expressions whose result is (explicitly or implicitly) converted to a larger integer type. The conversion indicates that the expression may produce a result that is too large to fit in the smaller integer type.

Cast one of the operands to the larger integer type before multiplying, so that the multiplication itself is done in the larger type and does not overflow.

```cpp
int i = 2000000000;

long j = i * i;        // Wrong: the multiplication is done on ints and overflows,
                       // so j ends up as -1651507200, not 4000000000000000000

long k = (long) i * i; // Correct: the multiplication is done on longs instead of ints,
                       // and will not overflow
```
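The same pattern in a size computation, as an added example that is not part of the original query help: the function names are hypothetical and a 32-bit `int` is assumed. It uses unsigned operands so the wrap-around is well defined; the wrapped value 2643460096 is the same 32-bit pattern as the -1651507200 quoted above.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Flagged pattern: the product is computed in 32 bits and only then
 * widened, so the high bits are already lost. Unsigned operands are used
 * so the wrap-around is well defined; with int it is undefined behaviour. */
uint64_t pixels_flagged(uint32_t width, uint32_t height)
{
    return width * height;
}

/* Fixed pattern: widen one operand first, so the multiply is 64-bit. */
uint64_t pixels_widened(uint32_t width, uint32_t height)
{
    return (uint64_t)width * height;
}

/* When the result must stay in the narrow type (for example a 32-bit
 * length field), reject inputs whose product does not fit. */
bool pixels_checked(uint32_t width, uint32_t height, uint32_t *out)
{
    if (height != 0 && width > UINT32_MAX / height)
        return false;
    *out = width * height;
    return true;
}

/* The page's operands with a fixed-width 64-bit type instead of long,
 * which is only 32 bits wide on LLP64 platforms such as 64-bit Windows. */
int64_t square_widened(int32_t i)
{
    return (int64_t)i * i;
}

int main(void)
{
    uint32_t n = 0;
    printf("flagged: %llu\n", (unsigned long long)pixels_flagged(2000000000u, 2000000000u));
    printf("widened: %llu\n", (unsigned long long)pixels_widened(2000000000u, 2000000000u));
    printf("checked fits: %d\n", pixels_checked(2000000000u, 2000000000u, &n));
    printf("signed:  %lld\n", (long long)square_widened(2000000000));
    return 0;
}
```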

- MSDN Library: Multiplicative Operators: *, /, and %.
- Cplusplus.com: Integer overflow.
- Common Weakness Enumeration: CWE-190.
- Common Weakness Enumeration: CWE-192.
- Common Weakness Enumeration: CWE-197.
- Common Weakness Enumeration: CWE-681.
