Secure coding: Difference between revisions

Integer-overflow prevention: Attempt to rewrite section which in its totality didn't make sense before. Also made clear that the language is C++; other languages might limit the size of an "unsigned int" only to available system memory and/or throw an exception on overflow, in which case this problem doesn't exist in that language. Comparison to MAX also changed from < to <=, as the name MAX (="maximum") implies that the value MAX is a valid value.
Integer-overflow prevention: Missed a correction.
The problem with the code is that it does not check for integer overflow on the addition operation. If the sum of x and y is greater than the maximum possible value of an <code>unsigned int</code> (<code>UINT_MAX</code>), the addition wraps around modulo 2<sup>N</sup> (for unsigned types in C++ this wraparound is well defined, unlike signed overflow, which is undefined behaviour) and perhaps<!-- Note that an overflow will not always result in the calculated sum being less than MAX; MAX might be relatively small and both x and y relatively big, so even an overflow might still be greater than MAX. Example: x=y=UINT_MAX, MAX=1000000. --> results in a value less than or equal to MAX, even though the true sum of x and y is greater than MAX.
 
Below is a function which checks for overflow by confirming that the sum is greater than or equal to both x and y. If the addition wrapped around, the stored sum is less than both x and y (the wrapped result equals x + y − 2<sup>N</sup>, and each operand is below 2<sup>N</sup>), so comparing against either operand is sufficient to detect it; the function compares against both for clarity.
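The following is an added example and not code from the article itself: the unchecked version beside two hardened versions, one using the post-addition wraparound test described above and one testing the precondition before adding so that no wraparound ever occurs. <code>MAX</code> is assumed here to be an application-defined upper bound of 1000000, the value used in the article's hidden note; the function names other than <code>sumIsValid_secure</code> are this example's own.

```cpp
#include <climits>
#include <limits>

// Assumption for this example: MAX is an application-defined limit that a
// valid sum must not exceed (MAX itself is a valid value, hence <=).
constexpr unsigned int MAX = 1000000u;

// Unchecked version: the wrapped sum can slip under MAX.
bool sumIsValid_insecure(unsigned int x, unsigned int y) {
    unsigned int sum = x + y;  // wraps modulo 2^N if the true sum exceeds UINT_MAX
    return sum <= MAX;
}

// Post-addition check (the article's approach): after a wraparound the stored
// sum is less than both operands, so either comparison alone would suffice.
bool sumIsValid_wrapcheck(unsigned int x, unsigned int y) {
    unsigned int sum = x + y;
    if (sum < x || sum < y) {
        return false;  // addition wrapped: the true sum is larger than UINT_MAX
    }
    return sum <= MAX;
}

// Precondition check: test whether the addition *would* wrap before doing it.
// x + y > UINT_MAX  <=>  x > UINT_MAX - y, and the subtraction cannot wrap.
bool sumIsValid_precheck(unsigned int x, unsigned int y) {
    if (x > std::numeric_limits<unsigned int>::max() - y) {
        return false;
    }
    return x + y <= MAX;
}

// Returns true when the unchecked version accepts a pair that the hardened
// versions reject, i.e. when the wraparound produced a false positive.
bool insecureAcceptsWrappedSum(unsigned int x, unsigned int y) {
    return sumIsValid_insecure(x, y) && !sumIsValid_wrapcheck(x, y);
}
```

With x = UINT_MAX and y = 2 the unchecked version sees a sum of 1 and accepts it, while both hardened versions reject the pair; with x = y = UINT_MAX the wrapped sum is UINT_MAX − 1, which is still above MAX, so the unchecked version happens to reject it, which is the point of the hidden note above. The precondition style is the one recommended by CERT INT30-C for unsigned arithmetic, because it never relies on observing a wraparound after the fact.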
<syntaxhighlight lang="c++">
bool sumIsValid_secure(unsigned int x, unsigned int y) {