Understanding integer overflow in C/C++

@article{Dietz2012UnderstandingIO,
  title={Understanding integer overflow in C/C++},
  author={Will Dietz and Peng Li and John Regehr and Vikram S. Adve},
  journal={2012 34th International Conference on Software Engineering (ICSE)},
  year={2012},
  pages={760-770}
}
  • Will Dietz, Peng Li, V. Adve
  • Published 2 December 2015
  • Computer Science
  • 2012 34th International Conference on Software Engineering (ICSE)
Integer overflow bugs in C and C++ programs are difficult to track down and may lead to fatal errors or exploitable vulnerabilities. Although a number of tools for finding these bugs exist, the situation is complicated because not all overflows are bugs. Better tools need to be constructed, but a thorough understanding of the issues behind these errors does not yet exist. We developed IOC, a dynamic checking tool for integer overflows, and used it to conduct the first detailed empirical study…

Understanding Integer Overflow in C/C++
TLDR
IOC, a dynamic checking tool for integer overflow, is developed and used to conduct the first detailed empirical study of the prevalence and patterns of occurrence of integer overflows in C and C++ code, showing that intentional uses of wraparound behaviors are more common than is widely believed.
Understanding Integer Overflow in C/C++
TLDR
IOC, a dynamic checking tool for integer overflows, is developed and used to conduct the first detailed empirical study of the prevalence and patterns of occurrence of integer overflows in C and C++ code.
SMT-constrained symbolic execution engine for integer overflow detection in C code
TLDR
An integer overflow checker based on precise modeling of C language semantics and symbolic function models is presented; the approach can also be applied in future to C++ programs and to the detection of other kinds of integer-related vulnerabilities.
Practical Integer Overflow Prevention
TLDR
The evaluation results show that IntGuard can precisely repair integer overflows with low computational and runtime overhead, produces repaired programs with very small binary and source code blow-up, and is more time-effective and achieves a higher repair success rate than manually generated code repairs.
Integers In C: An Open Invitation To Security Attacks?
TLDR
An empirical study to explore how closely well-known, open source C programs follow the safe C standards for integer behavior finds that integer issues are ubiquitous and a preprocessor-aware, tool-assisted approach may be the most viable way to migrate legacy C code to comply with the standards for secure programming.
Tolerating C Integer Error via Precision Elevation
TLDR
This paper proposes a novel approach to automate C integer error repair by elevating the precision of arithmetic operations according to a set of code transformation rules, which is fully automatic without requiring code specifications.
Monitoring of Aging Software Systems Affected by Integer Overflows
TLDR
This paper presents some examples of integer overflow issues of the MySQL open-source DBMS, and an approach for identifying symptoms of potential integer overflows by on-line monitoring.
Integer Overflow Detection with Delayed Runtime Test
TLDR
This paper proposes an approach to eliminate the false positives stemming from incorrectly or not considering the sanitization code in target programs that is designed by developers to catch integer overflows, and delays the test until the locations where the result of the arithmetic operation is about to be used by sensitive operations.
Practical Integer Overflow Prevention (Nov 2017)
TLDR
INTGUARD is a symbolic execution based tool that can repair integer overflows with high-quality source code repairs and is more time-effective and achieves a higher repair success rate than manually generated code repairs.
Automatic Fix for C Integer Errors by Precision Improvement
TLDR
The results show that CIntFix is capable of fixing integer errors in real-world C programs, processes C source code at a rate of 0.157 s/KLOC, and the fixed programs have an 18.0% slowdown on average.

References

Understanding integer overflow in C/C++
TLDR
IOC, a dynamic checking tool for integer overflows, is developed and used to conduct the first detailed empirical study of the prevalence and patterns of occurrence of integer overflows in C and C++ code, and shows that intentional uses of wraparound behaviors are more common than is widely believed.
RICH: Automatically Protecting Against Integer-Based Vulnerabilities
TLDR
RICH (Run-time Integer CHecking), a tool for efficiently detecting integer-based attacks against C programs at run time, is presented and it is shown that safe and unsafe integer operations in C can be captured by well-known sub-typing theory.
IntScope: Automatically Detecting Integer Overflow Vulnerability in X86 Binary Using Symbolic Execution
TLDR
This paper presents a system, IntScope, which can automatically detect integer overflow vulnerabilities in x86 binaries before an attacker does, with the goal of finally eliminating the vulnerabilities.
As-If Infinitely Ranged Integer Model
TLDR
The runtime overhead of the As-if Infinitely Ranged (AIR) Integer model is low enough that typical applications can enable it in deployed systems for additional runtime protection.
Dynamic Test Generation to Find Integer Bugs in x86 Binary Linux Programs
TLDR
New methods for discovering integer bugs using dynamic test generation on x86 binaries using SmartFuzz and the black-box fuzz testing tool zzuf are introduced, and key design choices in efficient symbolic execution of such programs are described.
BRICK: A Binary Tool for Run-Time Detecting and Locating Integer-Based Vulnerability
TLDR
Preliminary experimental results are quite promising: BRICK can detect and locate most integer-based vulnerabilities in real software, and has very low false positive and false negative rates.
LLVM: a compilation framework for lifelong program analysis & transformation
  • Chris Lattner, V. Adve
  • Computer Science
  • International Symposium on Code Generation and Optimization, 2004. CGO 2004.
  • 2004
TLDR
The design of the LLVM representation and compiler framework is evaluated in three ways: the size and effectiveness of the representation, including the type information it provides; compiler performance for several interprocedural problems; and illustrative examples of the benefits LLVM provides for several challenging compiler problems.
2010 CWE/SANS Top 25 Most Dangerous Software Errors
The Top 25 list is a tool for education and awareness to help programmers to prevent the kinds of vulnerabilities that plague the software industry, by identifying and avoiding all-too-common
Valgrind: A Program Supervision Framework
An investigation of the Therac-25 accidents
TLDR
A detailed investigation of the factors involved in the software-related overdoses and attempts by users, manufacturers, and government agencies to deal with the accidents is presented.