...
This compliant solution performs a post-condition test to ensure that the result of the unsigned addition operation `usum` is not less than either of the operands.
```c
unsigned int ui1, ui2, usum;

/* Initialize ui1 and ui2 */

usum = ui1 + ui2;
if (usum < ui1 || usum < ui2) {
  /* handle error condition */
}
```
...
The Mozilla Scalable Vector Graphics (SVG) viewer contains a heap buffer overflow vulnerability resulting from an unsigned integer wrap during the multiplication of the `signed int` value `pen->num_vertices` and the `size_t` value `sizeof(cairo_pen_vertex_t)` [VU#551436]. The `signed int` operand is converted to `size_t` prior to the multiplication operation so that the multiplication takes place between two `size_t` integers, which are unsigned. (See recommendation INT02-C. Understand integer conversion rules.)
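The conversion-then-wrap behavior described above, next to a precondition test that rejects it, as an added example that is not code from the original page or from the Mozilla or cairo sources. The type `pen_vertex_t` and the functions `bytes_unchecked`, `bytes_checked` and `alloc_vertices` are hypothetical names chosen for illustration, and the element size is passed as a parameter so the check can be exercised on any platform.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical stand-in for cairo_pen_vertex_t; the real layout is not shown on the page. */
typedef struct { double x, y; } pen_vertex_t;

/* The unchecked pattern: the int is converted to size_t, then the product
 * is reduced modulo SIZE_MAX + 1 without any diagnostic. */
size_t bytes_unchecked(int num_vertices, size_t elem_size) {
    return num_vertices * elem_size;
}

/* Precondition test: reject a negative count (it would convert to a huge
 * size_t) and any count whose product with elem_size exceeds SIZE_MAX.
 * Returns 0 and stores the size in *out on success, -1 otherwise. */
int bytes_checked(int num_vertices, size_t elem_size, size_t *out) {
    if (num_vertices < 0 || elem_size == 0) {
        return -1;
    }
    size_t n = (size_t)num_vertices;
    if (n > SIZE_MAX / elem_size) {
        return -1;
    }
    *out = n * elem_size;
    return 0;
}

/* Allocate only when the size computation is known not to have wrapped. */
pen_vertex_t *alloc_vertices(int num_vertices) {
    size_t bytes;
    if (bytes_checked(num_vertices, sizeof(pen_vertex_t), &bytes) != 0 || bytes == 0) {
        return NULL;
    }
    return malloc(bytes);
}

int main(void) {
    size_t bytes = 0;
    printf("unchecked(-1): %zu bytes\n", bytes_unchecked(-1, sizeof(pen_vertex_t)));
    printf("checked(-1):   %d\n", bytes_checked(-1, sizeof(pen_vertex_t), &bytes));
    int rc = bytes_checked(8, sizeof(pen_vertex_t), &bytes);
    printf("checked(8):    %d (%zu bytes)\n", rc, bytes);
    return 0;
}
```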
...