Integer Underflow (Wrap or Wraparound)
Weakness ID: 191 (Weakness Base) | Status: Draft
Description Summary
The product subtracts one value from another, such that the result is less than the minimum allowable integer value, which produces a value that is not equal to the correct result.
Extended Description
This can happen in signed and unsigned cases.
Integer underflow: "Integer underflow" is sometimes used to identify signedness errors in which an originally positive number becomes negative as a result of subtraction. However, there are cases of bad subtraction in which unsigned integers are involved, so it's not always a signedness issue. "Integer underflow" is occasionally used to describe array index errors in which the index is negative.
Example 1
The following example has an integer underflow. The value of i is already at the lowest negative value possible, so subtracting 1 from it wraps around: the new value of i is 2147483647.
(Bad Code)
Example Language: C
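```c
#include <stdio.h>
#include <stdbool.h>

int main(void)
{
    int i;
    unsigned int j = 0;

    i = -2147483648;  /* lowest negative value possible for i */
    i = i - 1;        /* signed underflow: the result is below the minimum */
    j = j - 1;        /* unsigned underflow: subtracting 1 from 0 wraps around */
    return 0;
}
```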
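The same weakness in length arithmetic, with the unchecked subtraction beside a checked form, plus a pre-check for the signed case. This is an added example, not part of the original entry; the record layout, `HDR_LEN` and all function names are hypothetical, and the inputs in `main` are constructed.

```c
#include <limits.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical record format: the declared length counts the whole
 * record, including a fixed 4-byte header. */
#define HDR_LEN 4u

/* Bad: if total_len < HDR_LEN the unsigned subtraction wraps around and
 * yields a huge "payload length" instead of an error. */
size_t payload_len_unchecked(size_t total_len)
{
    return total_len - HDR_LEN;
}

/* Good: validate the operands before subtracting. Also rejects a declared
 * length larger than the number of bytes actually received. */
bool payload_len_checked(size_t total_len, size_t received, size_t *out)
{
    if (total_len < HDR_LEN || total_len > received)
        return false;
    *out = total_len - HDR_LEN;
    return true;
}

/* Signed case: a - b underflows when b > 0 and a < INT_MIN + b, and
 * overflows when b < 0 and a > INT_MAX + b. The test runs before the
 * subtraction because signed wraparound is undefined behavior in C. */
bool checked_sub_int(int a, int b, int *out)
{
    if ((b > 0 && a < INT_MIN + b) || (b < 0 && a > INT_MAX + b))
        return false;
    *out = a - b;
    return true;
}

int main(void)
{
    size_t n = 0;
    int r = 0;
    /* Constructed input: a 2-byte record is shorter than its own header. */
    printf("unchecked: %zu\n", payload_len_unchecked(2));
    printf("checked:   %s\n", payload_len_checked(2, 2, &n) ? "ok" : "rejected");
    printf("signed:    %s\n", checked_sub_int(INT_MIN, 1, &r) ? "ok" : "rejected");
    return 0;
}
```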
Reference | Description |
---|---|
CVE-2004-0816 | Integer underflow in firewall via malformed packet. |
CVE-2004-1002 | Integer underflow by packet with invalid length. |
CVE-2005-0199 | Long input causes incorrect length calculation. |
CVE-2005-1891 | Malformed icon causes integer underflow in loop counter variable. |
Nature | Type | ID | Name | View(s) this relationship pertains to |
---|---|---|---|---|
ChildOf | Weakness Class | 682 | Incorrect Calculation | Development Concepts (primary) 699; Research Concepts (primary) 1000 |
Mapped Taxonomy Name | Node ID | Fit | Mapped Node Name |
---|---|---|---|
PLOVER | | | Integer underflow (wrap or wraparound) |
Submissions
Submission Date | Submitter | Organization | Source |
---|---|---|---|
 | PLOVER | | Externally Mined |
Modifications
Modification Date | Modifier | Organization | Source | |
---|---|---|---|---|
2008-07-01 | Eric Dalci | Cigital | External | updated Demonstrative Example |
2008-09-08 | CWE Content Team | MITRE | Internal | updated Alternate Terms, Applicable Platforms, Relationships, Taxonomy Mappings |
2008-10-14 | CWE Content Team | MITRE | Internal | updated Description |
2009-05-27 | CWE Content Team | MITRE | Internal | updated Demonstrative Examples |