Understanding integer overflow in C/C++

@article{Dietz2012UnderstandingIO,
  title={Understanding integer overflow in C/C++},
  author={Will Dietz and Peng Li and John Regehr and Vikram S. Adve},
  journal={2012 34th International Conference on Software Engineering (ICSE)},
  year={2012},
  pages={760-770}
}
Integer overflow bugs in C and C++ programs are difficult to track down and may lead to fatal errors or exploitable vulnerabilities. Although a number of tools for finding these bugs exist, the situation is complicated because not all overflows are bugs. Better tools need to be constructed, but a thorough understanding of the issues behind these errors does not yet exist. We developed IOC, a dynamic checking tool for integer overflows, and used it to conduct the first detailed empirical study… CONTINUE READING
Highly Influential
This paper has highly influenced 19 other papers. REVIEW HIGHLY INFLUENTIAL CITATIONS
Highly Cited
This paper has 101 citations. REVIEW CITATIONS
Recent Discussions
This paper has been referenced on Twitter 5 times over the past 90 days. VIEW TWEETS
69 Citations
7 References
Similar Papers

Citations

Publications citing this paper.
Showing 1-10 of 69 extracted citations

102 Citations

0102030'13'15'17
Citations per Year
Semantic Scholar estimates that this publication has 102 citations based on the available data.

See our FAQ for additional information.

References

Publications referenced by this paper.
Showing 1-7 of 7 references

Integer handling with the C++ SafeInt class

  • D. LeBlanc
  • 2004, http://msdn.microsoft.com/library/default…
  • 2004
Highly Influential
6 Excerpts

CVE-2002-0639: Integer overflow in sshd in OpenSSH

  • MITRE Corporation
  • 2002, http://cve.mitre.org/cgibin/cvename.cgi…
  • 2002
Highly Influential
5 Excerpts

CVE-2010-2753: Integer overflow in Mozilla Firefox, Thunderbird and SeaMonkey

  • ——
  • 2010, http://cve.mitre.org/cgibin/cvename.cgi…
  • 2010
Highly Influential
10 Excerpts

IntegerLib, a secure integer library

  • CERT
  • 2006, http: //www.cert.org/secure-coding…
  • 2006
Highly Influential
8 Excerpts

2011 CWE/SANS Top 25 Most Dangerous Software Errors

  • S. Christey, R. A. Martin, M. Brown, A. Paller, D. Kirby
  • MITRE Corporation, Tech. Report, September 2011…
  • 2011
Highly Influential
4 Excerpts

Similar Papers

Loading similar papers…