Security Vulnerability : What is the error in this piece of code?
Question
I was reading this book on my own , just for fun , and came across the following question :
This code has a security vulnerability ; Can you find and fix it? :
bool isValidAddition(unsigned short x, unsigned short y)
{
if(x + y < x)
return false;
else
return true;
}
Can someone help me , recognize the vulnerability ?
1 answers
solution1
0 ACCPTED 2015-04-27 05:36:38
We know that the following points are true as per the C Standard :
- sizeof(short) <= sizeof(int) <= sizeof(long)
- sizeof(short) >= 2 bytes , sizeof(int) >= 2 bytes, sizeof(long) >= 4 bytes
- There is an implicit integer promotion of operand data types used in arithmetic expressions which is done by the compiler
So in the code snippet above do the following :
Change
if(x + y < x)
to
if((unsigned short)(x + y) < x)
This will worrk if int is 4 (or >2) bytes
Hope this helps :)
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.
Related Question
What is the vulnerability in this C code?
Bus error - What's wrong with this piece of code?
What is the problem with this piece of code?
What is the complexity of this piece of code
What is the problem with the following piece of code?
What is the `.arr` function in this piece of code?
Code vulnerability
What is the running time complexity of the following piece of code?
What does this piece of Ragel Code do?
What does the following piece of code do
Related Tags