This attack a calculation that can produce an integer overflow or wraparound, when the logic assumes that the resulting value will always be larger than the original value. This can introduce other weaknesses when the calculation is used for resource management or execution control.
The integer variable is often used as an offset such as size of memory allocation or similarly. The attacker would typically control the value of such variable and try to get it out of range. For instance the integer in question is incremented past the maximum possible value, it may wrap to become a very small, or negative number, therefore providing a very incorrect value which can lead to unexpected behavior.This attack forces an integer variable to go out of range. The integer variable is often used as an offset such as size of memory allocation or similarly. The attacker would typically control the value of such variable and try to get it out of range.
PROBLEM IMPACT :
– A buffer overflow by injecting malicious code into the stack of a software system .
– integer by inserting an out of range value.
– DoS: crash / exit / restart; Execute unauthorized code or commands; Read memory; Modify memory
Use a language or compiler that performs automatic bounds checking.
Carefully review the service’s implementation before making it available to user. For instance you can use manual or automated code review to uncover vulnerabilities such as integer overflow.
If you have to use dangerous functions, make sure that you do boundary checking.
Use an abstraction library to abstract away risky APIs. Not a complete solution.
Always do bound checking before consuming user input data.
GENERAL RESOURCES :
GENERAL TOOLS :
- Exploit Pack
- Visual Code Grepper – Code security scanning tool.