What is an Integer Overflow
An integer overflow is a type of arithmetic overflow error that occurs when the result of an integer operation does not fit within the allocated memory space. Instead of raising an error in the program, it usually produces an unexpected result. Integer overflows are listed as number 8 among the most dangerous software errors in the most recent CWE 2019 list, mostly because they often lead to buffer overflows, which are currently the number 1 most dangerous software error according to that list. In Java, byte, short, int and long are all integer types.
How Integer Overflows Happen
In most programming languages, integer values are usually allocated a certain number of bits in memory. For example, in Java a byte can hold values from -128 to +127.
In the case of signed integers, the most significant (first) bit usually signifies whether the integer is a positive value or a negative value.
However, what happens when you perform the calculation 127 + 1 and attempt to store a result that is greater than the maximum value for the integer type (in this case byte)?
It depends completely on the language and the compiler. Unfortunately, most languages and most compilers raise no error at all and simply perform a modulo operation, wraparound, or truncation, or they have other undefined behavior. For the above example in Java, the result is most often -128.
When you go below the minimum value (underflow), the result usually becomes a positive number. For example, −128 − 1 is usually 127.
In addition to typical operations such as addition, subtraction, or multiplication, integer overflows may also happen due to typecasting. For example, one operation may treat an integer as an unsigned one and another operation may treat exactly the same integer as a signed one, therefore interpreting the value incorrectly.
Integer Overflow Risks
Most integer overflow conditions simply lead to erroneous program behavior but do not cause any vulnerabilities. However, in some cases, integer overflows may have severe consequences:
- If an integer overflow happens when you calculate the length of a buffer, you may end up with a buffer overflow. A buffer overflow lets the attacker gain shell access and attempt further privilege escalation.
- If an integer overflow happens during financial calculations, it may, for example, result in the customer receiving credit instead of paying for a purchase or may cause a negative account balance to become positive.
Preventing Integer Overflows
The biggest issue with even the most basic integer overflows is that they are very hard to discover and prevent. There is no error and no warning; you simply get a wrong result from the operation. The only way to discover them is to examine the operands before the operation or examine the result after (for example, checking whether the addition result for two positive numbers is smaller than the operands).
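The operand check and the result check described above, together with the byte wraparound from earlier on this page, as an added Java example that is not part of the original article. The class name, method names and sample values are constructed for illustration; `Math.addExact` is the Java standard library's checked addition.

```java
public class OverflowChecks {
    // Examine the operands BEFORE the operation: true if a + b cannot fit in an int.
    static boolean addWouldOverflow(int a, int b) {
        return (b > 0 && a > Integer.MAX_VALUE - b)
            || (b < 0 && a < Integer.MIN_VALUE - b);
    }

    // Examine the result AFTER the operation: for two positive operands,
    // a wrapped sum is smaller than the operands.
    static boolean positiveSumWrapped(int a, int b) {
        int sum = a + b; // int addition wraps silently in Java
        return a > 0 && b > 0 && sum < a;
    }

    // Operand check for a length calculation (count * elementSize),
    // rejecting the inputs instead of returning a wrapped, too-small length.
    static int checkedLength(int count, int elementSize) {
        if (count < 0 || elementSize <= 0 || count > Integer.MAX_VALUE / elementSize) {
            throw new ArithmeticException("length does not fit in int");
        }
        return count * elementSize;
    }

    public static void main(String[] args) {
        // The byte cases from the text: results are narrowed back to 8 bits.
        System.out.println("(byte)(127 + 1)  = " + (byte) (127 + 1));
        System.out.println("(byte)(-128 - 1) = " + (byte) (-128 - 1));

        int a = Integer.MAX_VALUE - 5, b = 10; // constructed sample operands
        System.out.println("pre-check flags overflow:  " + addWouldOverflow(a, b));
        System.out.println("post-check flags overflow: " + positiveSumWrapped(a, b));

        // Standard-library checked addition throws instead of wrapping.
        try {
            Math.addExact(a, b);
        } catch (ArithmeticException e) {
            System.out.println("Math.addExact: " + e.getMessage());
        }

        // Constructed length request that would wrap if multiplied unchecked.
        try {
            checkedLength(1 << 30, 4);
        } catch (ArithmeticException e) {
            System.out.println("checkedLength: " + e.getMessage());
        }
    }
}
```

The operand check never performs the overflowing operation, so it is the form to use for length and size calculations, where a wrapped value must not reach an allocation or copy.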