CWE-682: Incorrect Calculation

"The product performs a calculation that generates incorrect or unintended results that are later used in security-critical decisions or resource management." - Entry from the Common Weakness Enumeration

For more info visit CWE-682

Examples
Articles

Examples

Bad things happen when integers wrap around

Loop counters, file sizes, malloc arguments, session tokens, primary keys... numbers are everywhere in our code. What happens when our numbers get very, _very_ big? Integer overflow, or wraparound, is much more dangerous than it seems.

expand_less