Understanding Integer Overflows: Causes, Consequences, and Preventions, Slides of Software Engineering

What integer overflows are, their causes, consequences, and how to prevent them in c and c++ programming. It covers unsigned and signed integers, casting operations, and security concerns.

Typology: Slides

2012/2013

Uploaded on 04/26/2013

sharad_984
sharad_984 🇮🇳

4.5

(13)

129 documents

1 / 12

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
Integer Overflows
Docsity.com
pf3
pf4
pf5
pf8
pf9
pfa

Partial preview of the text

Download Understanding Integer Overflows: Causes, Consequences, and Preventions and more Slides Software Engineering in PDF only on Docsity!

Integer Overflows

What is an integer overflow?

“[T]he condition that occurs when a calculation produces a result that is greater in magnitude than that which a given register or storage location can store or represent.”

  • Wikipedia - Arithmetic overflow

http://en.wikipedia.org/wiki/Arithmetic_overflow

C/C++ Data Types

Source: http://hubpages.com/hub/Data-Types-in-C-Language

Casting Operations

Unsigned int to Larger unsigned int

Best case (no worries)

Casting Operations

Unsigned int to Same-Size signed int

Bit pattern is preserved

New value depends on original sign bit

Casting Operations

Downcast

Truncates original value

Data loss may occur

Value may become negative

Implicit Casting

Operators may cause implicit casting

Operators (+,-,*,/,%,&,|,^,&&,||,!) follow these rules:

If either operand is an unsigned long, both are upcast to an

unsigned long.

Otherwise, both operands are upcast to an int and the result is

an int.

Source: 19 Deadly Sins. Howard, Leblanc, Viega [2005]

Security Concerns

Integer overflows may lead to buffer overruns

Memory allocation

Array indexing

Unexpected control flow

Crash