...
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Related Guidelines
CERT C++ Secure Coding Standard | INT32-CPP. Ensure that operations on signed integers do not result in overflow |
CERT Oracle Secure Coding Standard for Java | INT00-J. Perform explicit range checking to avoid integer overflow |
ISO/IEC TR 24772 | Arithmetic Wrap-around Error [XYYFIF] |
ISO/IEC TS 17961 (Draft) | Overflowing signed integers [intoflow] |
MITRE CWE | CWE-129, Unchecked array indexing; CWE-190, Integer overflow (wrap or wraparound) |
Bibliography
[Dowd 2006] | Chapter 6, "C Language Issues" ("Arithmetic Boundary Conditions," pp. 211–223) |
[Seacord 2005] | Chapter 5, "Integers" |
[Viega 2005] | Section 5.2.7, "Integer Overflow" |
[VU#551436] | |
[Warren 2002] | Chapter 2, "Basics" |
...