Download Safari Books Online apps: Apple iOS | Android

Entire Site

Safari Books Online

    Free Trial

    Safari Books Online is a digital library providing on-demand subscription access to thousands of learning resources.


    Copyright
    The SEI Series in Software Engineering
    Preface
    Acknowledgments
    About the Author
    Ch. 1. Using This Standard
    Ch. 2. Preprocessor (PRE)
    Ch. 3. Declarations and Initialization (DCL)
    Ch. 4. Expressions (EXP)
    Ch. 5. Integers (INT)
    INT00-C. Understand the data model used by your implementation(s)
    INT01-C. Use rsize_t or size_t for all integer values representing the size of an object
    INT02-C. Understand integer conversion rules
    INT03-C. Use a secure integer library
    INT04-C. Enforce limits on integer values originating from untrusted sources
    INT05-C. Do not use input functions to convert character data if they cannot handle all possible inputs
    INT06-C. Use strtol() or a related function to convert a string token to an integer
    INT07-C. Use only explicitly signed or unsigned char type for numeric values
    INT08-C. Verify that all integer values are in range
    INT09-C. Ensure enumeration constants map to unique values
    INT10-C. Do not assume a positive remainder when using the % operator
    INT11-C. Take care when converting from pointer to integer or integer to pointer
    INT12-C. Do not make assumptions about the type of a plain int bit-field when used in an expression
    INT13-C. Use bitwise operators only on unsigned operands
    INT14-C. Avoid performing bitwise and arithmetic operations on the same data
    INT15-C. Use intmax_t or uintmax_t for formatted I/O on programmer-defined integer types
    INT30-C. Ensure that unsigned integer operations do not wrap
    INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data
    INT32-C. Ensure that operations on signed integers do not result in overflow
    Addition
    Subtraction
    Multiplication
    Division
    Modulo
    Unary Negation
    Left-Shift Operator
    INT33-C. Ensure that division and modulo operations do not result in divide-by-zero errors
    INT34-C. Do not shift a negative number of bits or more bits than exist in the operand
    INT35-C. Evaluate integer expressions in a larger size before comparing or assigning to that size
    Ch. 6. Floating Point (FLP)
    Ch. 7. Arrays (ARR)
    Ch. 8. Characters and Strings (STR)
    Ch. 9. Memory Management (MEM)
    Ch. 10. Input/Output (FIO)
    Ch. 11. Environment (ENV)
    Ch. 12. Signals (SIG)
    Ch. 13. Error Handling (ERR)
    Ch. 14. Miscellaneous (MSC)
    POSIX (POS)
    Glossary
    References
    Index
    • Create BookmarkCreate Bookmark
    • Create Note or TagCreate Note or Tag
    • DownloadDownload
    • PrintPrint
    Share this Page URL
    Help

    Chapter 5. Integers (INT) > INT32-C. Ensure that operations on signed integers ...

    INT32-C. Ensure that operations on signed integers do not result in overflow

    Integer overflow is undefined behavior. This means that implementations have a great deal of latitude in how they deal with signed integer overflow. An implementation that defines signed integer types as being modulo, for example, need not detect integer over-flow. Implementations may also trap on signed arithmetic overflows or simply assume that overflows will never happen and generate object code accordingly (see MSC15-C, “Do not depend on undefined behavior”). For these reasons, it is important to ensure that operations on signed integers do not result in signed overflow. Of particular importance, however, are operations on signed integer values that originate from untrusted sources and are used in any of the following ways:

    • as an array index

    • in any pointer arithmetic

    • as a length or size of an object

    • as the bound of an array (for example, a loop counter)

    • as an argument to a memory allocation function

    • in security-critical code


      

    You are currently reading a PREVIEW of this book.

                                                                                            

    Get instant access to over
    $1 million worth of books and videos.

      

    Start a Free Trial