
Difference between revisions of "User:Xochipilli/Integer Overflow Vulnerability"

From NetSec
(Created page with "=Overview= {{Main|Bitwise_math#Overflows}} An integer overflow or underflow occurs when an integer exceeds its bounds (MIN_INT and MAX_INT for signed integers). =Exploitation= I...")
 
 
Line 1: Line 1:
 +
{{inprog}}
 
=Overview=
 
=Overview=
 
{{Main|Bitwise_math#Overflows}}
 
{{Main|Bitwise_math#Overflows}}

Latest revision as of 03:28, 16 May 2012

Xochipilli/Integer Overflow Vulnerability is currently in-progress. You are viewing an entry that is unfinished.

Overview

Main article: Bitwise_math#Overflows

An integer overflow or underflow occurs when an integer exceeds its bounds (MIN_INT and MAX_INT for signed integers).

Exploitation

Integer overflow is expected behavior; however, it can lead to exploitation in certain circumstances. For example, an integer may be cast to a smaller type after the application validates it. If that integer is then used to allocate or copy memory, it could lead to a Buffer Overflow or Denial of Service (DoS) attack. Consider the following trivial example:
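
The entry's own example is not present on this page. The block below is an added illustration, not the author's code, of the validate-then-narrow pattern described above, next to a hardened form. The function names, the `MAX_MSG` limit and the 16-bit length type are assumptions chosen for the example.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MAX_MSG 0x20000u /* assumed application limit (128 KiB) */

/* Vulnerable pattern: len is validated as a 32-bit value, then cast to a
 * 16-bit type for the allocation. Returns the size that would be passed to
 * malloc(), so the mismatch with len is visible without performing the
 * out-of-bounds copy itself. Returns 0 if validation rejects len. */
size_t alloc_size_truncating(uint32_t len)
{
    if (len == 0 || len > MAX_MSG)
        return 0;               /* check is done on the wide type */
    uint16_t n = (uint16_t)len; /* 0x10010 silently becomes 0x0010 */
    return (size_t)n;           /* a later memcpy(dst, src, len) overruns */
}

/* Hardened form: reject any length that would change when narrowed, and use
 * the same variable for both the allocation and the copy.
 * Returns a heap copy the caller must free(), or NULL on rejection. */
uint8_t *copy_msg_checked(const uint8_t *src, uint32_t len)
{
    if (src == NULL || len == 0 || len > MAX_MSG)
        return NULL;
    if (len > (uint32_t)UINT16_MAX) /* narrowing would lose bits */
        return NULL;
    uint16_t n = (uint16_t)len;     /* lossless after the check above */
    uint8_t *dst = malloc(n);
    if (dst == NULL)
        return NULL;
    memcpy(dst, src, n);            /* copy size equals allocation size */
    return dst;
}

int main(void)
{
    uint32_t len = 0x10010u; /* constructed input: passes the range check */
    uint8_t msg[16] = {0};
    printf("requested %u bytes, truncating path allocates %zu\n",
           (unsigned)len, alloc_size_truncating(len));
    printf("checked path: %s\n",
           copy_msg_checked(msg, len) ? "accepted" : "rejected");
    return 0;
}
```

Compiling with `-Wconversion` flags implicit narrowing of this kind, though an explicit cast such as the one in the vulnerable function suppresses the warning, so the range check still has to be written by hand.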