VOTD: Integer Overflow Engineering Secure Software Last Revised: - - PowerPoint PPT Presentation

SWEN-331: Engineering Secure Software Benjamin S Meyers

VOTD: Integer Overflow

Engineering Secure Software

Last Revised: August 17, 2020 1

SWEN-331: Engineering Secure Software Benjamin S Meyers

What is Integer Overflow?

• An operation that creates a numeric value outside of the

range that can be represented by a data type

• e.g. adding to a really large number to another that results in

a wrap around

• e.g. casting a larger data type to a smaller one (long to int)

2

SWEN-331: Engineering Secure Software Benjamin S Meyers

How Do You Do It?

• Java Integer.MAX_VALUE: 2147483647 (min: -2147483648)
• Casting long (64bit) to int (32bit)

3

bank.balance = 0; bank.deposit(Integer.MAX_VALUE); // bank.balance is now 2147483647 bank.deposit(1); // bank.balance is now -2147483648 patient.id = 4294967314L; patient.id = (int) patient.id; // patient.id is now 18

SWEN-331: Engineering Secure Software Benjamin S Meyers

Mitigations

• Check the size of your integers, considering what would

happen if it wrapped around

• Watch the casting - don't just ignore those compiler

warnings!

• Libraries such as SafeInt or BigInteger might be more suitable

if the problem is very complex

4

SWEN-331: Engineering Secure Software Benjamin S Meyers

Notes

• A wraparound combined with a malloc operation can result

in a zero-sized buffer being allocated -- leading to a zero-byte buffer, which will always be overflowed

• In practice, most integer wraparounds come from improper

casting, not as much from math operations

• It's impractical to always check every integer for wraparound

after every operation -- but, keep this as a consideration in sensitive situations

5

SWEN-331: Engineering Secure Software Benjamin S Meyers 6

Source: https://xkcd.com/571/