Numeric overflow conditions are also referred to in secure-programming literature as numeric overflows, arithmetic overflows, integer overflows, or integer wrapping. Numeric underflow conditions can be referred to as numeric underflows, arithmetic underflows, integer underflows, or integer wrapping. Specifically, the terms “wrapping around a value” or “wrapping below zero” might be used.
Although these conditions might seem as though they would be infrequent or inconsequential in real code, they actually occur quite often, and their impact can be quite severe from a security perspective. The incorrect result of an arith...
- Chapter 6. C Language Issues
- from The Art of Software Security Assessment: Identifying and Preventing Software Vulnerabilities
- Publisher: Addison-Wesley Professional
- Released: November 2006
Why Overflow and Undeflows matter?
Share this highlighthttp://www.safaribooksonline.com/a/the-art-of/59004/