OWASP Periodic Table of Vulnerabilities - Integer Overflow/Underflow
Integer Overflow / Underflow
Root Cause Summary
An arithmetic operation produces a value that is either too large or too small to be represented in the number of bits allocated to it. This could cause a positive number to become negative or a negative number to become positive, resulting in unexpected or dangerous behavior.
Browser / Standards Solution
Generic Framework Solution
The framework should provide safe object wrappers for numerical data types, just as it does for other generic data types such as phone numbers and email addresses. All arithmetic operations performed on primitive numeric types in the framework should perform overflow/underflow checks first.
Custom Framework Solution
Custom Code Solution
Never perform arithmetic operations on numeric primitives without strict checking for overflow/underflow conditions.
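One way to do this checking in C, shown as an added example that is not part of the original OWASP page: each helper validates its operands before the operation and reports failure instead of returning a wrapped value. The function names and the `order_total` caller are hypothetical, and the inputs in `main` are constructed.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Each helper tests the operands BEFORE the arithmetic: signed overflow in C
 * is undefined behaviour, so it cannot be detected reliably afterwards.
 * On success the result is stored in *out and true is returned. */
bool checked_add(int32_t a, int32_t b, int32_t *out) {
    if ((b > 0 && a > INT32_MAX - b) || (b < 0 && a < INT32_MIN - b))
        return false;
    *out = a + b;
    return true;
}

bool checked_sub(int32_t a, int32_t b, int32_t *out) {
    if ((b > 0 && a < INT32_MIN + b) || (b < 0 && a > INT32_MAX + b))
        return false;
    *out = a - b;
    return true;
}

bool checked_mul(int32_t a, int32_t b, int32_t *out) {
    /* Division-based bounds, split by sign so the divisor is never zero
     * and INT32_MIN / -1 is never evaluated. */
    if (a > 0) {
        if (b > 0 ? a > INT32_MAX / b : b < INT32_MIN / a) return false;
    } else {
        if (b > 0 ? a < INT32_MIN / b : (a != 0 && b < INT32_MAX / a)) return false;
    }
    *out = a * b;
    return true;
}

/* Hypothetical caller: order total in cents = qty * unit + shipping.
 * Any overflow rejects the request instead of yielding a wrapped total. */
bool order_total(int32_t qty, int32_t unit_cents, int32_t shipping_cents, int32_t *total) {
    int32_t subtotal;
    return checked_mul(qty, unit_cents, &subtotal) &&
           checked_add(subtotal, shipping_cents, total);
}

int main(void) {
    int32_t t;
    /* Constructed inputs: a normal order, then a quantity that overflows. */
    printf("%d\n", order_total(3, 1999, 500, &t) ? (int)t : -1);
    printf("%s\n", order_total(1100000, 1999, 0, &t) ? "accepted" : "rejected");
    return 0;
}
```

The checks cover only representability; range rules such as rejecting a negative quantity remain ordinary input validation.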
Discussion / Controversy
Static analysis can be quite helpful in checking for possible overflow/underflow conditions.
Some runtime environments automatically check for overflow/underflow and trigger exceptions, but no mainstream language runtime used for web application development currently does this except for some flavors of Python. This vulnerability category may be a candidate to be completely solved in the platform or framework if enough pressure can be placed on language runtime developers to implement a solution.