Previous Thread
Next Thread
Print Thread
Rate Thread
#17131 01/26/05 07:54 PM
Joined: Jan 2005
Posts: 1
I
istar Offline OP
Junior Member
OP Offline
Junior Member
I
Joined: Jan 2005
Posts: 1
i was reading an computer magasine and i read something i never encoutered before: integer overflows and underflows so i wondered if you can answer this question: what are int overflows and underflows?


//I don't agree whith that you just said but i will defend your write to say it for the rest of my life//
- S.G.Tallentyre
#17132 01/28/05 04:34 AM
Joined: Mar 2004
Posts: 419
S
UGN Member
Offline
UGN Member
S
Joined: Mar 2004
Posts: 419
Most security vulnerabilities are software bugs�in the strict sense of the word. And most of these bugs would be considered innocuous, perhaps in an environment where people aren't trying to break the program. But then, we come to the Internet.

The most famous class of such bugs is the buffer overflow, by now the kind of term that makes it into your local paper when another Windows flaw makes the news. But in recent years a new type of vulnerability is being exploited more frequently: Integer manipulation bugs.

Not all integer manipulation bugs are integer overflows�some of them are underflows. Still, the class of error is usually referred to generically as overflows.

The basic problem is that integers in computers have a finite range. For instance, the rage of a signed 16-bit integer is -32767 to 32767.

What happens if arithmetic moves the value out of that range? The number could easily turn out to be massively larger or smaller than the expectation of the program's logic. Another example is a number that turns out to be negative instead of positive, changing the result of an "if (a<b)" comparison from what it was originally designed to be.

And then there are errors relating to the effects of integer promotion. When operations are made on integers of different sizes, say a short and a long, the smaller one is promoted temporarily to the larger size, and the result is potentially truncated back to the smaller size.

So what can go wrong just because a number is not what it should be? Some of those numbers are used for important stuff.


Source


D, world destruction
Over and overture
N, do I need
Apostrophe T, need this torture?-They Might Be Giants

Link Copied to Clipboard
Member Spotlight
Phatal
Phatal
Houston, TX
Posts: 298
Joined: April 2004
Forum Statistics
Forums41
Topics33,840
Posts68,858
Average Daily Posts1
Members2,176
Most Online3,253
Jan 13th, 2020
Latest Postings
Where and how do you torrent?
by danni75 - 03/01/24 05:58 AM
Animation,
by JohanKaariainen - 08/15/19 01:18 AM
Blackbeard.....
by Gremelin - 10/03/18 07:02 PM
my old account still exists!
by Crime - 08/10/18 02:47 PM
Okay WTF?
by HenryMiring - 09/27/17 01:45 AM
The History Thread...
by Gremelin - 08/11/17 12:11 PM
My friend NEEDS your HELP!
by Lena01 - 07/21/17 12:06 AM
I'm having fun with this guy.
by gabithompson730 - 07/20/17 01:50 AM
I want to upgrade my phone
by gabithompson730 - 07/20/17 01:49 AM
Doom 3
by Cyrez - 09/11/14 08:58 PM
Amazon Gift Card Generator/KeyGen?te
by Gecko666 - 08/22/14 09:21 AM
AIM scene 99-03
by lavos - 09/02/13 08:06 AM
Planetside 2
by Crime - 03/04/13 07:10 AM
Beta Testers Wanted
by Crime - 03/04/13 06:55 AM
Hello Everyone
by Gremelin - 02/12/12 06:01 PM
Tracfone ESN Generator
by Zanvin Green - 01/18/12 01:31 PM
Python 3 issue
by Testing - 12/17/11 09:28 PM
tracfone airtime
by Drache86 - 07/30/11 03:37 AM
Backdoors and the Infinite
by ZeroCoolStar - 07/10/11 03:52 AM
HackThisZIne #12 Releaseed!
by Pipat2 - 04/28/11 09:20 PM
gang wars? l33t-wars?
by Gremelin - 04/28/11 05:56 AM
Consolidate Forums
by diggin2deep - 04/21/11 10:02 AM
LAN Hacking Noob
by Gremelin - 03/12/11 12:42 AM
Top Posters
UGN Security 41,392
Gremelin 7,203
§intå× 3,255
SilentRage 1,273
Ice 1,146
pergesu 1,136
Infinite 1,041
jonconley 955
Girlie 908
unreal 860
Top Likes Received
Ghost 2
Cyrez 1
Girlie 1
unreal 1
Crime 1
Powered by UBB.threads™ PHP Forum Software 7.7.5