...
In the following noncompliant example, i + 1
will overflow on a 16-bit machine. The C standard does not define the result of signed integer overflow, so the operation can produce incorrect results, and compilers can take advantage of this to produce faster code by assuming an overflow will not happen. As a result, the if
statement that is intended to catch an overflow might be optimized away.
...
The compliant version below declares i with a wider type, so the value cannot overflow and no test is needed:

```c
long i = /* some expression that evaluates to the value 32767 */;
/* ... */
/* No test is necessary; i is known not to overflow. */
```
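The following example is added here to illustrate the two points above; it is not code from the original page. It contrasts the kind of post-hoc test the text warns about (`i + 1 <= i`, which executes the undefined overflow before checking for it and which an optimizing compiler is entitled to remove) with two range-safe alternatives: testing the operand against `INT_MAX` before the addition, and widening to `long` as the page's compliant solution does. The function names and the `#error` guard are this example's own; the guard is needed because the standard does not promise that `long` is wider than `int`.

```c
#include <limits.h>
#include <stdio.h>

#if LONG_MAX <= INT_MAX
#error "This example assumes long is wider than int"
#endif

/* NONCOMPLIANT (shown for illustration only): the comparison is evaluated
 * after i + 1 has already been computed. When i == INT_MAX that addition is
 * undefined behaviour, so the compiler may assume it never overflows,
 * fold the expression to 0, and drop any branch that depends on it. */
static int overflow_test_after_the_fact(int i) {
    return (i + 1 <= i);
}

/* COMPLIANT: check the operand's range BEFORE performing the addition.
 * No undefined operation is ever executed; the caller gets a clear
 * success/failure result and *out is untouched on failure. */
static int int_increment_checked(int i, int *out) {
    if (i == INT_MAX) {
        return 0;           /* would overflow: refuse */
    }
    *out = i + 1;
    return 1;
}

/* COMPLIANT (the page's remedy): promote to a wider type first, so the
 * result of INT_MAX + 1 is representable and no test is needed. */
static long int_increment_widened(int i) {
    long wide = i;          /* widen before the arithmetic, not after */
    return wide + 1;
}

int main(void) {
    int out = 0;

    printf("checked(5)        -> ok=%d out=%d\n",
           int_increment_checked(5, &out), out);
    printf("checked(INT_MAX)  -> ok=%d (out unchanged=%d)\n",
           int_increment_checked(INT_MAX, &out), out);
    printf("widened(INT_MAX)  -> %ld\n", int_increment_widened(INT_MAX));
    /* Only called with a non-maximal value: calling it with INT_MAX would
     * itself be undefined behaviour, which is precisely the problem. */
    printf("after-the-fact(5) -> %d\n", overflow_test_after_the_fact(5));
    return 0;
}
```

The checked variant is the general pattern for any arithmetic on a bounded type: derive the precondition from the limits in `<limits.h>` and test it on the inputs, never on the result of the operation you are trying to protect.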
Risk Assessment
Out-of-range integer values can result in fetches or stores from arbitrary memory locations and the execution of arbitrary code. For example, if an integer overflow produces an unexpected value that is then used to index into an array, a buffer overflow could result.
Recommendation | Severity | Likelihood | Remediation Cost | Priority | Level |
---|---|---|---|---|---|
INT08-A | 2 (medium) | 2 (probable) | 1 (high) | P4 | L3 |
...