Use of Incorrect Byte Ordering

Status: Draft
Abstraction: Variant
Structure: Simple
Description

This vulnerability occurs when software processes data from another system without considering byte order (endianness), such as big-endian or little-endian. This mismatch can cause the program to misinterpret numbers or values, leading to incorrect calculations, crashes, or security flaws.

Extended Description

At its core, this issue is a data representation mismatch. Different computer architectures store multi-byte data (like integers or memory addresses) in opposite orders. Big-endian stores the most significant byte first, while little-endian stores it last. When software assumes one format but receives data in the other, it reads values backwards, turning a harmless number into a potentially dangerous or logic-breaking one. To prevent this, developers must explicitly define and validate the byte order for any data crossing trust boundaries, such as in network protocols, file parsers, or inter-process communication. Always use standardized conversion functions (like `ntohl()` or `htons()`) for network data, and consider employing structured data formats with built-in serialization that handles these details automatically.
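The following added example (not part of the CWE entry) shows the mismatch on a constructed length-prefixed message: a reader that trusts the host's own byte order beside one that converts from network order with `ntohl()`, plus a header-free portable decoder. The `parse_message` bounds check is the part that keeps a misread length from becoming an out-of-bounds read; the message format and all names are assumptions made for the example.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <arpa/inet.h>   /* ntohl(): network (big-endian) order to host order */

/* Constructed sample message (not from any real protocol): a 4-byte
 * big-endian length prefix (5) followed by a 5-byte payload. */
static const uint8_t SAMPLE_MSG[] = { 0x00, 0x00, 0x00, 0x05, 'h', 'e', 'l', 'l', 'o' };
static const size_t SAMPLE_MSG_LEN = sizeof(SAMPLE_MSG);

/* The weakness: copy the wire bytes into a uint32_t and trust the host's order.
 * On a little-endian host the bytes 00 00 00 05 read back as 0x05000000. */
uint32_t read_len_host_order(const uint8_t *buf) {
    uint32_t v;
    memcpy(&v, buf, sizeof v);   /* memcpy avoids misalignment, not endianness */
    return v;
}

/* The fix: the wire format is defined as big-endian, so convert explicitly. */
uint32_t read_len_network_order(const uint8_t *buf) {
    uint32_t v;
    memcpy(&v, buf, sizeof v);
    return ntohl(v);
}

/* Header-free alternative, correct on every host: assemble the value byte by
 * byte in the order the protocol specifies, never in the host's order. */
uint32_t read_be32_portable(const uint8_t *buf) {
    return ((uint32_t)buf[0] << 24) | ((uint32_t)buf[1] << 16) |
           ((uint32_t)buf[2] << 8)  |  (uint32_t)buf[3];
}

/* Runtime probe so the example reports the right expectation on any host. */
int host_is_little_endian(void) {
    uint16_t probe = 1;
    uint8_t first;
    memcpy(&first, &probe, 1);
    return first == 1;
}

/* Parse a length-prefixed message with a pluggable length decoder. Returns the
 * payload length, or -1 when the declared length does not fit the buffer, so a
 * misread length fails closed instead of driving an over-read. */
long parse_message(const uint8_t *buf, size_t buf_len,
                   uint32_t (*read_len)(const uint8_t *)) {
    if (buf_len < 4) return -1;
    uint32_t declared = read_len(buf);
    if (declared > buf_len - 4) return -1;
    return (long)declared;
}
```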

Common Consequences
Scope: Integrity

Impact: Unexpected State

Detection Methods
Black Box
Because byte-ordering bugs are usually very noticeable even with normal inputs, the ones that survive are more likely to sit in rarely triggered error conditions, which makes them difficult to detect using black-box methods.
Applicable Platforms
Languages:
Not Language-Specific: Undetermined
Modes of Introduction
Implementation
Functional Areas
  1. Memory Management
Affected Resources
  1. Memory
Related Weaknesses
Taxonomy Mapping
  • PLOVER
  • The CERT Oracle Secure Coding Standard for Java (2011)
Notes
Research Gap: Under-reported.