...
If the integer exhibiting modulo behavior contributes to the value of an integer not marked as exhibiting modulo behavior, the resulting integer must obey this rule.
...
Risk Assessment
Integer overflow can lead to buffer overflows and the execution of arbitrary code by an attacker.
Rule | Severity | Likelihood | Remediation Cost | Priority | Level
---|---|---|---|---|---
INT32-C | 3 (high) | 2 (probable) | 1 (high) | P6 | L2
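The overflow-to-buffer-overflow risk described above, as an added example that is not part of the original rule text: signed size arithmetic is tested before it is performed, so an oversized request is rejected instead of producing an undersized allocation. The function names and the header-plus-items buffer layout are assumptions made for illustration.

```c
#include <limits.h>
#include <stddef.h>
#include <stdlib.h>

/* Precondition test for signed multiplication of sizes (hypothetical helper).
 * Returns 0 and stores a*b in *out only when the product fits in int;
 * returns -1 for negative operands or a product above INT_MAX. */
static int checked_mul_size(int a, int b, int *out) {
    if (a < 0 || b < 0) return -1;
    if (a != 0 && b > INT_MAX / a) return -1;  /* a*b would overflow */
    *out = a * b;
    return 0;
}

/* Precondition test for signed addition of sizes (hypothetical helper). */
static int checked_add_size(int a, int b, int *out) {
    if (a < 0 || b < 0) return -1;
    if (a > INT_MAX - b) return -1;            /* a+b would overflow */
    *out = a + b;
    return 0;
}

/* Allocates a buffer of header_len bytes followed by count items of
 * item_len bytes each (assumed layout). Returns NULL when any length is
 * negative, the total is zero, or the total is not representable in int,
 * so callers never receive a buffer smaller than the size they computed. */
void *alloc_records(int header_len, int count, int item_len, int *total_out) {
    int body, total;
    if (checked_mul_size(count, item_len, &body) != 0) return NULL;
    if (checked_add_size(header_len, body, &total) != 0) return NULL;
    if (total == 0) return NULL;
    *total_out = total;
    return malloc((size_t)total);
}
```

Without the two precondition tests, `count * item_len` on attacker-influenced values is undefined behavior and in practice can yield a small or negative size that later copies overrun.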
References
- ISO/IEC 9899-1999 Section 6.5, "Expressions," and Section 7.10, "Sizes of integer types <limits.h>"
- Seacord 05 Chapter 5, "Integers"
- Warren 02 Chapter 2, "Basics"
- Viega 05 Section 5.2.7, "Integer overflow"