Integer Overflow
What is Integer Overflow?
Integer OverflowA bug where an arithmetic operation produces a value outside the representable range of its integer type, wrapping or truncating in security-critical ways.
Integer overflows occur when computations exceed the maximum (or minimum) value an integer type can hold, causing wraparound, sign flips, or truncation. They become security issues when the wrong value is later used as a buffer size, loop counter, array index, or authorization check — frequently producing buffer overflows, infinite loops, or bypassed limits. Defences include checked arithmetic (Rust checked_add, C23 ckd_*, compiler -ftrapv), wide-then-narrow patterns with explicit range checks, type choices that match the data, and aggressive fuzzing. Many high-impact CVEs in image codecs, font parsers and kernels stem from integer overflow chains.
● Examples
- 01
CVE-2002-0639 (OpenSSH challenge-response) — integer overflow leading to heap corruption.
- 02
CVE-2018-9568 (Android WiFi) — integer overflow in 802.11 frame handling.
● Frequently asked questions
What is Integer Overflow?
A bug where an arithmetic operation produces a value outside the representable range of its integer type, wrapping or truncating in security-critical ways. It belongs to the Vulnerabilities category of cybersecurity.
What does Integer Overflow mean?
A bug where an arithmetic operation produces a value outside the representable range of its integer type, wrapping or truncating in security-critical ways.
How do you defend against Integer Overflow?
Defences for Integer Overflow typically combine technical controls and operational practices, as detailed in the full definition above.
What are other names for Integer Overflow?
Common alternative names include: Integer wraparound.