Name Forced Integer Overflow
Summary This attack forces an integer variable to go out of range. The integer variable is often used as an offset such as size of memory allocation or similarly. The attacker would typically control the value of such variable and try to get it out of range. For instance the integer in question is incremented past the maximum possible value, it may wrap to become a very small, or negative number, therefore providing a very incorrect value which can lead to unexpected behavior. At worst the attacker can execute arbitrary code.
Prerequisites The attacker can manipulate the value of an integer variable utilized by the target host. The target host does not do proper range checking on the variable before utilizing it. When the integer variable is incremented or decremented to an out of range value, it gets a very different value (e.g. very small or negative number)
Solutions Use a language or compiler that performs automatic bounds checking. Carefully review the service's implementation before making it available to user. For instance you can use manual or automated code review to uncover vulnerabilities such as integer overflow. Use an abstraction library to abstract away risky APIs. Not a complete solution. Always do bound checking before consuming user input data.
Related Weaknesses
CWE ID Description
CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE-122 Heap-based Buffer Overflow
CWE-128 Wrap-around Error
CWE-190 Integer Overflow or Wraparound
CWE-196 Unsigned to Signed Conversion Error
CWE-680
CWE-697 Insufficient Comparison
Back to Top