Integer Overflow Attack

From Guidance Share


In computer programming, an integer overflow is an anomalous condition that may cause a buffer overflow, resulting in a computer security risk where adjacent, valid program control data may be overwritten, permitting the execution of arbitrary and potentially harmful code.


  • Integer assignment or integer operations being carried out without validating the untrusted input


  • Utilize platform checks for integer overflow/underflow (e.g., CheckForOverflowUnderflow in C#, RemoveIntegerChecks in VB.NET)
  • Validate the untrusted input for upper and lower limits
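
The following C sketch is an added example, not part of the original page. It shows how an unvalidated count wraps a 32-bit size calculation into an undersized buffer length, next to a version that validates upper and lower limits and a generic overflow check. `RECORD_SIZE`, `MAX_RECORDS`, the function names and the sample count are assumptions made for illustration.

```c
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>

#define RECORD_SIZE 16u     /* assumed size of one record, in bytes */
#define MAX_RECORDS 4096u   /* assumed application-defined upper limit */

/* Unvalidated: the product is reduced modulo 2^32, so a large count
 * yields a small size and any later copy of `count` records would
 * run past the allocated buffer. */
uint32_t alloc_size_unchecked(uint32_t count)
{
    return (uint32_t)(count * RECORD_SIZE);
}

/* Validated: reject counts outside [1, MAX_RECORDS] before doing any
 * arithmetic. Returns 0 and stores the size in *out, or -1 on rejection. */
int alloc_size_validated(uint32_t count, uint32_t *out)
{
    if (count < 1 || count > MAX_RECORDS)
        return -1;
    *out = count * RECORD_SIZE;   /* at most 4096 * 16 = 65536, cannot wrap */
    return 0;
}

/* Generic check for operands with no fixed application limit:
 * test against the type maximum before multiplying. */
int mul_u32_checked(uint32_t a, uint32_t b, uint32_t *out)
{
    if (b != 0 && a > UINT32_MAX / b)
        return -1;
    *out = a * b;
    return 0;
}

int main(void)
{
    uint32_t untrusted = 0x10000001u;   /* constructed sample input */
    uint32_t size = 0;

    printf("unchecked: %" PRIu32 " records -> %" PRIu32 " bytes\n",
           untrusted, alloc_size_unchecked(untrusted));
    if (alloc_size_validated(untrusted, &size) != 0)
        printf("validated: count rejected, nothing allocated\n");
    if (mul_u32_checked(untrusted, RECORD_SIZE, &size) != 0)
        printf("checked multiply: overflow detected\n");
    return 0;
}
```
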