software security

Question

0.00/5 (No votes)

See more:

C#

can any one explain what is multiple integer overflow vulnerability with C# example?

Posted 9-Jan-10 7:58am

iswariya

Add a Solution

4 solutions

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Dimitri Witkowski · Answer 1 · 2010-01-09T08:12:00

Here's a very simple example:

C#

public class Program {
    static void Main(string[] args) {
        Charge(int.MaxValue);
    }

    private static void Charge(int amount) {
        int processingFee = 10;
        Console.WriteLine("Balance: " + -(amount + processingFee));
    }
}

We see a very large balance ;-)

#realJSOP · Answer 2 · 2010-01-09T08:13:00

When I googled this (like you should have), I found this:

In some situations a program may make the assumption that a variable always contains a positive value. If the variable has a signed integer type an overflow can cause its value to wrap and become negative, violating the assumption contained in the program and perhaps leading to unintended behavior. Similarly, subtracting from a small unsigned value may cause it to wrap to a large positive value which may also be an unexpected behavior. Multiplying or adding two integers may result in a value that is non-negative, but unexpectedly small. If this number is used as the number of bytes to allocate for a buffer, the buffer will be allocated unexpectedly small, leading to a potential buffer overflow.

I leav it to you to do the rest of your research.

iswariya · Answer 3 · 2010-01-09T08:42:00

Solution 3

then may i know wat is the difference between integer overflow and multiple integer overflow?

Posted 9-Jan-10 8:42am

iswariya

#realJSOP · Answer 4 · 2010-01-09T13:45:00

Solution 4

My guess would be having more than one...

Posted 9-Jan-10 13:45pm

#realJSOP

software security

4 solutions

Solution 1

Solution 2

Solution 3

Solution 4

Add your solution here

Preview 0