Difference between revisions of "Wrap-around error"

From OWASP
Jump to: navigation, search
Line 1: Line 1:
 
{{Template:SecureSoftware}}
 
{{Template:SecureSoftware}}
 +
{{Template:Vulnerability}}
  
==Overview==
+
[[Category:FIXME|This is the text from the old template. This needs to be rewritten using the new template.]]
  
Wrap around errors occur whenever a value is incriminated past the maximum value for its type and therefore "wraps around" to a very small, negative, or undefined value.
+
Last revision (mm/dd/yy): '''{{REVISIONMONTH}}/{{REVISIONDAY}}/{{REVISIONYEAR}}'''
  
==Consequences ==
+
[[ASDR_TOC_Vulnerabilities|Vulnerabilities Table of Contents]]
  
* Availability: Wrap-around errors generally lead to undefined behavior, infinite loops, and therefore crashes.
+
[[ASDR Table of Contents]]
 +
__TOC__
  
* Integrity: If the value in question is important to data (as opposed to flow), simple data corruption has occurred. Also, if the wrap around results in other conditions such as buffer overflows, further memory corruption may occur.
 
  
* Access control (instruction processing): A wrap around can sometimes trigger buffer overflows which can be used to execute arbitrary code. This is usually outside the scope of a program's implicit security policy.
+
==Description==
  
==Exposure period ==
+
Wrap around errors occur whenever a value is incriminated past the maximum value for its type and therefore "wraps around" to a very small, negative, or undefined value.
  
* Requirements specification: The choice could be made to use a language that is not susceptible to these issues.
+
'''Consequences'''
  
* Design: If the flow of the system, or the protocols used, are not well defined, it may make the possibility of wrap-around errors more likely.
+
* Availability: Wrap-around errors generally lead to undefined behavior, infinite loops, and therefore crashes.
 +
* Integrity: If the value in question is important to data (as opposed to flow), simple data corruption has occurred. Also, if the wrap around results in other conditions such as buffer overflows, further memory corruption may occur.
 +
* Access control (instruction processing): A wrap around can sometimes trigger buffer overflows which can be used to execute arbitrary code. This is usually outside the scope of a program's implicit security policy.
  
* Implementation: Many logic errors can lead to this condition.
+
'''Exposure period'''
  
==Platform ==
+
* Requirements specification: The choice could be made to use a language that is not susceptible to these issues.
 +
* Design: If the flow of the system, or the protocols used, are not well defined, it may make the possibility of wrap-around errors more likely.
 +
* Implementation: Many logic errors can lead to this condition.
  
* Language: C, C++, Fortran, Assembly
+
'''Platform'''
  
* Operating System: Any
+
* Language: C, C++, Fortran, Assembly
 +
* Operating System: Any
  
==Required resources ==
+
'''Required resources'''
  
 
Any
 
Any
  
==Severity ==
+
'''Severity'''
  
 
High
 
High
  
==Likelihood of exploit ==
+
'''Likelihood of exploit'''
  
 
Medium
 
Medium
  
==Avoidance and mitigation ==
+
Due to how addition is performed by computers, if a primitive is incremented past the maximum value possible for its storage space, the system will fail to recognize this, and therefore increment each bit as if it still had extra space.
  
* Requirements specification: The choice could be made to use a language that is not susceptible to these issues.
+
Because of how negative numbers are represented in binary, primitives interpreted as signed may "wrap" to very large negative values.  
  
* Design: Provide clear upper and lower bounds on the scale of any protocols designed.
+
==Risk Factors==
  
* Implementation: Place sanity checks on all incremented variables to ensure that they remain within reasonable bounds.
+
* Talk about the [[OWASP Risk Rating Methodology|factors]] that make this vulnerability likely or unlikely to actually happen
 +
* Discuss the technical impact of a successful exploit of this vulnerability
 +
* Consider the likely [business impacts] of a successful attack
  
==Discussion ==
 
  
Due to how addition is performed by computers, if a primitive is incremented past the maximum value possible for its storage space, the system will fail to recognize this, and therefore increment each bit as if it still had extra space.
+
==Examples==
  
Because of how negative numbers are represented in binary, primitives interpreted as signed may "wrap" to very large negative values.  
+
See the Examples section of the problem type [[Integer overflow]] for an example of wrap-around errors.
  
==Examples ==
 
  
See the Examples section of the problem type [[Integer overflow]] for an example of wrap-around errors.
+
==Related [[Attacks]]==
  
==Related problems ==
+
* [[Attack 1]]
 +
* [[Attack 2]]
  
* [[Integer overflow]]
 
  
* [[Unchecked array indexing]]
+
==Related [[Vulnerabilities]]==
  
 +
* [[Integer overflow]]
 +
* [[Unchecked array indexing]]
  
[[Category:Vulnerability]]
 
  
[[Category:Range and Type Error Vulnerability]]
+
==Related [[Controls]]==
  
 +
* Requirements specification: The choice could be made to use a language that is not susceptible to these issues.
 +
* Design: Provide clear upper and lower bounds on the scale of any protocols designed.
 +
* Implementation: Place sanity checks on all incremented variables to ensure that they remain within reasonable bounds.
 +
 +
==Related [[Technical Impacts]]==
 +
 +
* [[Technical Impact 1]]
 +
* [[Technical Impact 2]]
 +
 +
 +
==References==
 +
 +
TBD
 +
[[Category:FIXME|add links
 +
 +
In addition, one should classify vulnerability based on the following subcategories: Ex:<nowiki>[[Category:Error Handling Vulnerability]]</nowiki>
 +
 +
Availability Vulnerability
 +
 +
Authorization Vulnerability
 +
 +
Authentication Vulnerability
 +
 +
Concurrency Vulnerability
 +
 +
Configuration Vulnerability
 +
 +
Cryptographic Vulnerability
 +
 +
Encoding Vulnerability
 +
 +
Error Handling Vulnerability
 +
 +
Input Validation Vulnerability
 +
 +
Logging and Auditing Vulnerability
 +
 +
Session Management Vulnerability]]
 +
 +
__NOTOC__
 +
 +
 +
[[Category:OWASP ASDR Project]]
 +
[[Category:Vulnerability]]
 +
[[Category:Range and Type Error Vulnerability]]
 
[[Category:OWASP_CLASP_Project]]
 
[[Category:OWASP_CLASP_Project]]

Revision as of 11:15, 3 October 2008

This is a Vulnerability. To view all vulnerabilities, please see the Vulnerability Category page.

Last revision (mm/dd/yy): 10/3/2008

Vulnerabilities Table of Contents

ASDR Table of Contents

Contents


Description

Wrap around errors occur whenever a value is incriminated past the maximum value for its type and therefore "wraps around" to a very small, negative, or undefined value.

Consequences

  • Availability: Wrap-around errors generally lead to undefined behavior, infinite loops, and therefore crashes.
  • Integrity: If the value in question is important to data (as opposed to flow), simple data corruption has occurred. Also, if the wrap around results in other conditions such as buffer overflows, further memory corruption may occur.
  • Access control (instruction processing): A wrap around can sometimes trigger buffer overflows which can be used to execute arbitrary code. This is usually outside the scope of a program's implicit security policy.

Exposure period

  • Requirements specification: The choice could be made to use a language that is not susceptible to these issues.
  • Design: If the flow of the system, or the protocols used, are not well defined, it may make the possibility of wrap-around errors more likely.
  • Implementation: Many logic errors can lead to this condition.

Platform

  • Language: C, C++, Fortran, Assembly
  • Operating System: Any

Required resources

Any

Severity

High

Likelihood of exploit

Medium

Due to how addition is performed by computers, if a primitive is incremented past the maximum value possible for its storage space, the system will fail to recognize this, and therefore increment each bit as if it still had extra space.

Because of how negative numbers are represented in binary, primitives interpreted as signed may "wrap" to very large negative values.

Risk Factors

  • Talk about the factors that make this vulnerability likely or unlikely to actually happen
  • Discuss the technical impact of a successful exploit of this vulnerability
  • Consider the likely [business impacts] of a successful attack


Examples

See the Examples section of the problem type Integer overflow for an example of wrap-around errors.


Related Attacks


Related Vulnerabilities


Related Controls

  • Requirements specification: The choice could be made to use a language that is not susceptible to these issues.
  • Design: Provide clear upper and lower bounds on the scale of any protocols designed.
  • Implementation: Place sanity checks on all incremented variables to ensure that they remain within reasonable bounds.

Related Technical Impacts


References

TBD