Integer Overflow
Integer overflow is a type of software vulnerability that occurs when a program tries to store an integer value larger than the maximum value the data type can hold, causing the value to wrap around to a lower value or to overflow into adjacent memory space.
- may lead to a crash or data corruption, or trigger a buffer overflow
Mars Climate Orbiter Example
- this occurred during NASA’s Mars Climate Orbiter mission in 1999
- during the mission, the orbiter was lost due to a navigation error caused by integer overflow
- navigation software used a 16-bit signed integer to represent the force of the thrusters
- the actual force of the thrusters was much larger than the maximum value that the integer was designed to hold
- when the orbiter’s software tried to convert the observed force to a 16-bit integer value, an integer overflow occurred
- causing the value to “wrap around” to a negative value
- resulting in a miscalculation of the orbiter’s trajectory
- causing it to burn up in the Martian atmosphere
Mitigation
- use secure coding practices:
  - input validation
  - range-checking
  - type-safe libraries
- to ensure that integer values are correctly handled
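The wrap-around described in the orbiter example and the range-checking mitigation, as an added C example (not from these notes): an unchecked cast of a constructed 32-bit sample value to a 16-bit signed integer wraps to a negative number, while a range-checked conversion rejects it; a checked size multiplication shows the same idea applied to buffer sizes, where a wrapped result is what turns an integer overflow into a buffer overflow.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Unchecked narrowing, the pattern the notes describe: the wide value is
 * simply cast to 16 bits. On two's-complement targets (gcc and clang
 * document this as reduction modulo 2^16) 40000 becomes -25536, i.e. the
 * value "wraps around" to a negative number. */
int16_t narrow_unchecked(int32_t wide) {
    return (int16_t)wide;
}

/* Range-checked narrowing: stores the value only if it fits in int16_t and
 * reports failure otherwise, so the caller can reject or clamp the input. */
bool narrow_checked(int32_t wide, int16_t *out) {
    if (wide < INT16_MIN || wide > INT16_MAX) {
        return false;
    }
    *out = (int16_t)wide;
    return true;
}

/* Checked size multiplication: count * elem_size for a buffer allocation,
 * rejected before it can wrap to a small number (the path from integer
 * overflow to buffer overflow). */
bool mul_size_checked(size_t count, size_t elem_size, size_t *out) {
    if (elem_size != 0 && count > SIZE_MAX / elem_size) {
        return false;
    }
    *out = count * elem_size;
    return true;
}

int main(void) {
    int32_t observed = 40000;   /* constructed sample value, exceeds INT16_MAX */
    int16_t narrowed;
    size_t bytes;

    printf("unchecked: %d -> %d\n", observed, narrow_unchecked(observed));
    if (!narrow_checked(observed, &narrowed)) {
        printf("checked:   %d rejected, does not fit in int16_t\n", observed);
    }
    if (!mul_size_checked(SIZE_MAX / 2 + 1, 2, &bytes)) {
        printf("size:      count * elem_size would wrap, allocation refused\n");
    }
    return 0;
}
```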