...
Test for the possibility of overflow before the operation is performed rather than after, without performing the operation itself (see INT32-C. Ensure that integer operations do not result in an overflow for more information).
```c
#include <limits.h>  /* UINT_MAX */
#include <stdint.h>  /* SIZE_MAX */

char *buf;
size_t len = 1 << 30;
/* ... */
/* buf is converted to an integer so that both operands are integers */
if (SIZE_MAX - len < (size_t)buf) { /* length check */
  /* perform some operation using len */
}

unsigned int ui1, ui2, sum;
if (UINT_MAX - ui1 < ui2) {
  /* handle error condition */
}
sum = ui1 + ui2;
```
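The same precondition pattern as reusable helpers, as an added example that is not part of the original page. It goes beyond the unsigned addition shown above to signed addition, the size multiplication used for allocations, and an offset/length check that never forms an out-of-range pointer. The function names (`add_uint`, `add_int`, `mul_size`, `range_ok`) are hypothetical.

```c
#include <limits.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Unsigned addition wraps exactly when b > UINT_MAX - a. */
static bool add_uint(unsigned int a, unsigned int b, unsigned int *sum) {
    if (UINT_MAX - a < b) return false;
    *sum = a + b;
    return true;
}

/* Signed overflow is undefined behavior, so the test must come first. */
static bool add_int(int a, int b, int *sum) {
    if ((b > 0 && a > INT_MAX - b) || (b < 0 && a < INT_MIN - b)) return false;
    *sum = a + b;
    return true;
}

/* Element count times element size, e.g. before calling malloc(). */
static bool mul_size(size_t n, size_t size, size_t *bytes) {
    if (size != 0 && n > SIZE_MAX / size) return false;
    *bytes = n * size;
    return true;
}

/* Does [off, off + len) fit in a buffer of cap bytes? Only subtraction
 * on already-validated values is used, so nothing can wrap. */
static bool range_ok(size_t cap, size_t off, size_t len) {
    return off <= cap && len <= cap - off;
}

int main(void) {
    unsigned int u = 0;
    int i = 0;
    size_t z = 0;
    /* Constructed sample values chosen to sit on each boundary. */
    printf("add_uint(UINT_MAX, 1): %s\n", add_uint(UINT_MAX, 1u, &u) ? "ok" : "rejected");
    printf("add_int(INT_MIN, -1):  %s\n", add_int(INT_MIN, -1, &i) ? "ok" : "rejected");
    printf("mul_size(SIZE_MAX/2+1, 2): %s\n", mul_size(SIZE_MAX / 2 + 1, 2, &z) ? "ok" : "rejected");
    printf("range_ok(16, 8, 9): %s\n", range_ok(16, 8, 9) ? "ok" : "rejected");
    return 0;
}
```

Each helper writes its result only after the check has passed, so a rejected call leaves the output variable untouched.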
Risk Assessment
Out-of-range integer values can result in fetches or stores from arbitrary memory locations and the execution of arbitrary code.
...