All integer values originating from untrusted sources should be evaluated to determine whether there are identifiable upper and lower bounds. If so, these limits should be enforced by the interface. Anything that can be done to limit the input of excessively large or small integers should help prevent overflow and other type range errors. Furthermore, it is easier to find and correct input problems than it is to trace internal errors back to faulty inputs.
Risk Assessment
Rule |
Severity |
Likelihood |
Remediation Cost |
Priority |
Level |
|---|---|---|---|---|---|
INT04-A |
2 (medium) |
2 (probable) |
1 (high) |
P4 |
L3 |
Examples of vulnerabilities resulting from the violation of this recommendation can be found on the CERTwebsite.
References
[[Seacord 05]] Chapter 5, "Integer Security"