Understanding integer overflow in C/C++

Will Dietz, Peng Li, John Regehr, Vikram Adve

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Integer overflow bugs in C and C++ programs are difficult to track down and may lead to fatal errors or exploitable vulnerabilities. Although a number of tools for finding these bugs exist, the situation is complicated because not all overflows are bugs. Better tools need to be constructed - but a thorough understanding of the issues behind these errors does not yet exist. We developed IOC, a dynamic checking tool for integer overflows, and used it to conduct the first detailed empirical study of the prevalence and patterns of occurrence of integer overflows in C and C++ code. Our results show that intentional uses of wraparound behaviors are more common than is widely believed; for example, there are over 200 distinct locations in the SPEC CINT2000 benchmarks where overflow occurs. Although many overflows are intentional, a large number of accidental overflows also occur. Orthogonal to programmers' intent, overflows are found in both well-defined and undefined flavors. Applications executing undefined operations can be, and have been, broken by improvements in compiler optimizations. Looking beyond SPEC, we found and reported undefined integer overflows in SQLite, PostgreSQL, SafeInt, GNU MPC and GMP, Firefox, GCC, LLVM, Python, BIND, and OpenSSL; many of these have since been fixed. Our results show that integer overflow issues in C and C++ are subtle and complex, that they are common even in mature, widely used programs, and that they are widely misunderstood by developers.

Original languageEnglish (US)
Title of host publicationProceedings - 34th International Conference on Software Engineering, ICSE 2012
Pages760-770
Number of pages11
DOIs
StatePublished - Jul 30 2012
Event34th International Conference on Software Engineering, ICSE 2012 - Zurich, Switzerland
Duration: Jun 2 2012Jun 9 2012

Publication series

NameProceedings - International Conference on Software Engineering
ISSN (Print)0270-5257

Other

Other34th International Conference on Software Engineering, ICSE 2012
Country/TerritorySwitzerland
CityZurich
Period6/2/126/9/12

Keywords

  • integer overflow
  • integer wraparound
  • undefined behavior

ASJC Scopus subject areas

  • Software

Fingerprint

Dive into the research topics of 'Understanding integer overflow in C/C++'. Together they form a unique fingerprint.

Cite this