...
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
| Wiki Markup |
|---|
A Linux kernel vmsplice [exploit|BB. Definitions#exploit], described |
documents a vulnerability and exploit arising directly out of unsigned integer wrapping
at \[[Wojtczuk 08|AA. C References#Wojtczuk 08]\], documents a vulnerability and exploit arising from a buffer overflow (caused by unsigned integer wrapping). |
References
| Wiki Markup |
|---|
\[[Dowd 06|AA. C References#Dowd 06]\] Chapter 6, "C Language Issues" (Arithmetic Boundary Conditions, pp. 211-223)
\[[ISO/IEC 9899-1999|AA. C References#ISO/IEC 9899-1999]\] Section 6.2.5, "Types," Section 6.5, "Expressions," and Section 7.10, "Sizes of integer types <limits.h>"
\[[ISO/IEC PDTR 24772|AA. C References#ISO/IEC PDTR 24772]\] "XYY Wrap-around Error"
\[[Seacord 05|AA. C References#Seacord 05]\] Chapter 5, "Integers"
\[[Viega 05|AA. C References#Viega 05]\] Section 5.2.7, "Integer overflow"
\[[VU#551436|AA. C References#VU551436]\]
\[[Warren 02|AA. C References#Warren 02]\] Chapter 2, "Basics"
\[[Wojtczuk 08|AA. C References#Wojtczuk 08]\] |
...
INT15-A. Take care when converting from pointer to integer or integer to pointer 04. Integers (INT)