Corgea LogoCorgea Security Hub

CWE-190: Integer Overflow or Wraparound

Learn about CWE-190 (Integer Overflow or Wraparound), its security impact, exploitation methods, and prevention guidelines.

What is Integer Overflow or Wraparound?

• Overview: Integer Overflow or Wraparound is a vulnerability where calculations exceed the maximum value an integer can hold, causing the value to wrap around to a very small or negative number. This can happen when the logic assumes the resulting value will always be larger than the original.

• Exploitation Methods:

  • Attackers can exploit this by manipulating input values to trigger overflows during arithmetic operations, leading to unintended behaviors.
  • Common attack patterns include providing large input values that, when processed, cause an overflow or wraparound, potentially leading to incorrect data handling or security bypasses.

• Security Impact:

  • Direct consequences include incorrect program logic execution, which might lead to arbitrary code execution, data corruption, or crashes.
  • Potential cascading effects involve unauthorized access to system resources or information disclosure.
  • Business impact can range from service downtime and data integrity issues to severe reputational damage and financial loss.

• Prevention Guidelines:

  • Specific code-level fixes involve using data types capable of holding larger values, implementing proper bounds checking, and using safe arithmetic functions.
  • Security best practices include validating and sanitizing all input data, employing static and dynamic code analysis tools to detect potential overflows, and adhering to secure coding standards.
  • Recommended tools and frameworks include compilers with built-in overflow protection, static analysis tools that detect overflow vulnerabilities, and libraries that provide safe arithmetic operations.
Corgea can automatically detect and fix Integer Overflow or Wraparound in your codebase. [Try Corgea free today](https://corgea.app).

Technical Details

Likelihood of Exploit: Medium

Affected Languages: C, Not Language-Specific

Affected Technologies: Not specified

Vulnerable Code Example

C Example

// This code demonstrates an integer overflow vulnerability.
// When `a` is close to the maximum value of an int, adding `b` can cause overflow,
// resulting in a wraparound and producing an incorrect, possibly negative result.

#include <stdio.h>
#include <limits.h>

int main() {
    int a = INT_MAX - 5; // Initialize `a` close to maximum int value
    int b = 10;          // `b` is a positive integer
    int result = a + b;  // Vulnerable line: Potential overflow here
    printf("Result: %d\n", result); // This may print a negative number due to overflow
    return 0;
}

How to fix Integer Overflow or Wraparound?

To fix this vulnerability, you need to ensure that any arithmetic operations involving integers check for possible overflow before performing the operation. This can be done using several approaches:

  1. Use Safe Arithmetic Functions: Use functions designed to safely add, subtract, multiply, or divide integers, checking for overflow conditions.

  2. Manual Pre-Check: Before performing the arithmetic operation, check if the operation will result in a value that exceeds the maximum (or minimum) value for the integer type.

  3. Use of Larger Data Types: If appropriate, use larger data types (like long long in C) to accommodate the result of the arithmetic operation.

  4. Compiler Built-in Functions: Utilize compiler built-in functions like __builtin_add_overflow to handle overflow checks.

Here, we will use manual pre-checks to demonstrate a simple and effective way to prevent overflow.

Fixed Code Example

// This code includes a check to prevent integer overflow.
// It ensures that the addition is safe and does not exceed the maximum int value.

#include <stdio.h>
#include <limits.h>

int main() {
    int a = INT_MAX - 5;
    int b = 10;
    int result;

    // Fixed lines: Check for overflow before addition
    if (a > INT_MAX - b) {
        printf("Error: Integer overflow detected!\n");
        return -1; // Handle the error appropriately by terminating the program safely
    }

    result = a + b;  // Safe to add now
    printf("Result: %d\n", result);
    return 0;
}

In the fixed code, before performing the addition, we check if a is greater than INT_MAX - b. This ensures that adding b to a will not exceed the maximum value representable by an int. If the condition is true, we handle the situation by printing an error message and terminating the program safely. This approach prevents the overflow and subsequent wraparound, maintaining the integrity of the program's logic.

Corgea Logo

Find this vulnerability and fix it with Corgea

Scan your codebase for CWE-190: Integer Overflow or Wraparound and get remediation guidance

Start for free and no credit card needed.