Try   HackMD

Integer Overflow (deadly sins effect)

Deadly Sins: list of common software defects that can have serious consequences, including security vulnerabilities, data loss, and system failure.
referred to as Sins because they can be avoided with proper care and attention to detail during the software development process.

TOP DEADLY SINS EFFECTS:

  1. Integer Overflows
  2. SQL Injection
  3. Command Injection
  4. XSS
  5. Race Conditions: occurs when two or more threads or processes access shared data at the same time.
  6. Failing to Handle Errors

Data types programming languages

NOTE 1: Every type in programing language has specific length of bits to represent it

  • char -> 8 bits
  • short -> 16 bits
  • int -> 32 bits
  • long -> 64 bits
    NOTE 2: number can be unsigned (positive only) or signed (negative and positive).

And according to this every data type have max value and min value.

Example int data type => range = 2^32

  • in unsigned int the range is [0 , 2^32 - 1]
  • in signed int the range is [-2^31 , 2^31 - 1]

Computing with in programming languages

To make it easy to understand suppose int number of bits equal 8 bit the range is [-128 , 127]

Example:

int x = 120 int y = 2; int z = x + y; int intOverFlowWillOccure = x * y; // what is (z, intOverFlowWillOccure) values? // z => 120 + 2 = 122 // this is less than int max value so it will be normal. // -------- //intOverFlowWillOccure => 120 * 2 = 240, // BUT not that 240 > 127 (int max) // So how we can store this value 🤔?? // 240 - 127 = 113 this overflow will be wrapped // so the value will be (min - 1) + overflow // intOverFlowWillOccure = -128 - 1 + 113 = -16 🤯

Integer Overflow Definition

previous example show the proplem that occures when we try to store value larger than the data type max value this is what we call (integer overflow)

Integer Overflow: an arithmetic operation attempts to create a numeric value that is larger than can be represented within the available storage space.

Casting

Is the process of converting a value from one data type to another.

When casting occures in C language?

  1. When assigning to a diffreent data type
int x = 10; double y = x; // x value will be cast automatically to double
  1. For binary operators (+, -, *, /, %, &, |, ^)
    • if one of the two operand is an unsigned long the result will be unsigned long.
    • if one of the two operand is an long the result will be long.
    • in all other cases the result is int
  2. For unary operators (~ , ++ , );
    • ~ change the type
    • ++ or -- does not change type.

Conclusion

Programming languages that allow direct access to memory and do not check for buffer and numeric overflow are particularly vulnerable to buffer overflow and integer overflow attacks.

Example : C language enable you to assign double value to int data type and in this case the fraction will be deleted, this in some cases can lead to int overflow.

double x = 3.14; int y = x; // y value is equal to 3 and the 0.14 deleted

But in java this operation is not allowed to, java will throw an Exception, and because of that java considered as safe overflow language.