...
are optimized away; no object code to perform the check will appear in the resulting executable program [VU#162289].
Compliant Solution
Test for the possibility of overflow before the operation is performed, rather than after.
/* The kind of check that gets optimized away: buf+len can only compare
 * less than buf if the pointer arithmetic wraps, which is undefined
 * behaviour, so the compiler is entitled to treat the test as always false
 * and emit no code for it. */
char *buf;
int len = 1<<30;
/* ... */
if (buf+len < buf) { /* length check */
  /* perform some operation using len */
}

/* Compliant solution: test before the addition, using only well-defined
 * unsigned arithmetic, so the test cannot be discarded. */
#include <limits.h> /* UINT_MAX */
unsigned int ui1, ui2, sum;
if (UINT_MAX - ui1 < ui2) {
  /* handle error condition */
}
sum = ui1 + ui2;
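The same precondition-first pattern applied to both cases above, as an added example that is not part of this page's own code: `add_uint_checked` wraps the UINT_MAX test from the compliant solution, and `append_checked` (a hypothetical helper, name and signature assumed) replaces the `buf+len < buf` comparison with a bounds test on the space remaining in the object, so no out-of-range pointer is ever formed.

```c
#include <limits.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Precondition check for unsigned addition: refuse the operation if
 * ui1 + ui2 would wrap past UINT_MAX. UINT_MAX - ui1 cannot wrap, so the
 * test is well defined and the compiler cannot remove it. */
bool add_uint_checked(unsigned int ui1, unsigned int ui2, unsigned int *sum) {
    if (UINT_MAX - ui1 < ui2) {
        return false;            /* would overflow: caller handles the error */
    }
    *sum = ui1 + ui2;
    return true;
}

/* Precondition check for applying a length to a buffer. Instead of computing
 * buf + len and comparing it with buf (undefined once the pointer leaves the
 * object), compare len with the room left after offset, all in size_t. */
bool append_checked(char *buf, size_t buf_size, size_t offset,
                    const char *src, size_t len) {
    if (offset > buf_size || len > buf_size - offset) {
        return false;            /* not enough room; nothing was touched */
    }
    memcpy(buf + offset, src, len);   /* pointer stays inside the object */
    return true;
}

int main(void) {
    unsigned int sum;
    char buf[8] = {0};

    printf("small add ok: %d\n", add_uint_checked(1, 2, &sum));        /* 1 */
    printf("UINT_MAX + 1 ok: %d\n", add_uint_checked(UINT_MAX, 1, &sum)); /* 0 */
    printf("4 bytes at 0 ok: %d\n", append_checked(buf, sizeof buf, 0, "abcd", 4)); /* 1 */
    printf("5 bytes at 4 ok: %d\n", append_checked(buf, sizeof buf, 4, "efghi", 5)); /* 0 */
    printf("huge len ok: %d\n", append_checked(buf, sizeof buf, 0, "x", (size_t)-1)); /* 0 */
    return 0;
}
```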
Risk Assessment
Out-of-range integer values can result in fetches or stores from arbitrary memory locations and the execution of arbitrary code.
...