Wrap-around Error
Weakness ID: 128 (Weakness Base)Status: Incomplete
+ Description

Description Summary

Wrap around errors occur whenever a value is incremented past the maximum value for its type and therefore "wraps around" to a very small, negative, or undefined value.
+ Time of Introduction
  • Implementation
+ Applicable Platforms

Languages

C: (Often)

C++: (Often)

+ Common Consequences
ScopeEffect
Availability

Wrap-around errors generally lead to undefined behavior, infinite loops, and therefore crashes.

Integrity

If the value in question is important to data (as opposed to flow), simple data corruption has occurred. Also, if the wrap around results in other conditions such as buffer overflows, further memory corruption may occur.

Integrity

A wrap around can sometimes trigger buffer overflows which can be used to execute arbitrary code. This is usually outside the scope of a program's implicit security policy.

+ Likelihood of Exploit

Medium

+ Potential Mitigations

Requirements specification: The choice could be made to use a language that is not susceptible to these issues.

Phase: Architecture and Design

Provide clear upper and lower bounds on the scale of any protocols designed.

Phase: Implementation

Place sanity checks on all incremented variables to ensure that they remain within reasonable bounds.

+ Background Details

Due to how addition is performed by computers, if a primitive is incremented past the maximum value possible for its storage space, the system will fail to recognize this, and therefore increment each bit as if it still had extra space. Because of how negative numbers are represented in binary, primitives interpreted as signed may "wrap" to very large negative values.

+ Weakness Ordinalities
OrdinalityDescription
Primary
(where the weakness exists independent of other weaknesses)
+ Relationships
NatureTypeIDNameView(s) this relationship pertains toView(s)
ChildOfCategoryCategory189Numeric Errors
Development Concepts699
ChildOfWeakness ClassWeakness Class682Incorrect Calculation
Development Concepts (primary)699
Research Concepts (primary)1000
ChildOfCategoryCategory742CERT C Secure Coding Section 08 - Memory Management (MEM)
Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734
CanPrecedeWeakness ClassWeakness Class119Failure to Constrain Operations within the Bounds of a Memory Buffer
Research Concepts1000
PeerOfWeakness BaseWeakness Base190Integer Overflow or Wraparound
Research Concepts1000
+ Relationship Notes

The relationship between overflow and wrap-around needs to be examined more closely, since several entries (including CWE-190) are closely related.

+ Causal Nature

Explicit

+ Taxonomy Mappings
Mapped Taxonomy NameNode IDFitMapped Node Name
CLASPWrap-around error
CERT C Secure CodingMEM07-CEnsure that the arguments to calloc(), when multiplied, can be represented as a size t
+ Related Attack Patterns
CAPEC-IDAttack Pattern Name
(CAPEC Version: 1.4)
92Forced Integer Overflow
+ Content History
Submissions
Submission DateSubmitterOrganizationSource
CLASPExternally Mined
Modifications
Modification DateModifierOrganizationSource
2008-09-08CWE Content TeamMITREInternal
updated Applicable Platforms, Background Details, Common Consequences, Relationships, Relationship Notes, Taxonomy Mappings, Weakness Ordinalities
2008-11-24CWE Content TeamMITREInternal
updated Relationships, Taxonomy Mappings
2009-10-29CWE Content TeamMITREInternal
updated Common Consequences, Relationships