CSCE 548 Integer Overflows Format String Problem


CSCE 548

Integer Overflows

Format String Problem

Arithmetic Operations

Number system: base, radix

724.5 == 7 * 10^2 + 2 * 10^1 + 4 * 10^0 + 5 * 10^-1

Binary, Octal, Hexadecimal representation

Fixed point representation: sign, magnitude, decimal point

Complements: represent negative numbers
  r's complement -- 2's complement
  (r-1)'s complement -- 1's complement

1's complement of 1010 is 0101
2's complement of 1010 is 0101 + 1 = 0110

Binary Fixed Point

Positive number: 0 (sign) and the magnitude as a positive binary number
Negative number: 1 (sign) and the magnitude in one of three forms:
  Signed magnitude
  Signed 1's complement
  Signed 2's complement

+9: 0 001001
-9:
  Signed magnitude:      1 001001
  Signed 1's complement: 1 110110
  Signed 2's complement: 1 110111

Arithmetic Addition

Adding two signed numbers: need to compare signs and relative magnitudes
Sign + magnitude: as above
Sign + signed 2's complement: add the two numbers including the sign bits, discard any carry out on the left

Example:
   +6   0 000110        +6   0 000110
   +9   0 001001        -9   1 110111
  ---------------      ---------------
  +15   0 001111        -3   1 111101

Overflow

Two numbers of n digits each are added and the sum occupies n+1 digits
True for binary or decimal numbers, signed or unsigned
Cannot occur after an addition if one number is positive and the other is negative
Using sign-magnitude representation, the overflow can be detected by the carry out of the number bit
Adding 2's complement, the sign is treated as part of the number, therefore the carry out does not indicate overflow

Problems with overflow:
  Fixed size registers
  Most computers check for register overflow: overflow flip-flop
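Worked example, added here and not part of the slides: a 7-bit (1 sign bit + 6 magnitude bits, matching the slide's layout) signed 2's complement adder that reproduces the +6/+9 and +6/-9 additions above, then shows why the carry out alone is not an overflow indicator in 2's complement. The word width, the overflow test (two operands of the same sign producing a result of the opposite sign) and all function names are this example's own choices.

```c
/* Added example (not from the CSCE 548 slides): 7-bit signed 2's complement
 * addition with overflow detection. Width and helper names are this example's own. */
#include <stdio.h>
#include <stdbool.h>

#define WIDTH 7                      /* 1 sign bit + 6 magnitude bits, as on the slide */
#define MASK  ((1u << WIDTH) - 1u)   /* 0x7F: keeps WIDTH bits, i.e. discards the carry out */
#define SIGN  (1u << (WIDTH - 1))    /* 0x40: the sign bit */

/* Encode a small integer in WIDTH-bit 2's complement (value taken mod 2^WIDTH). */
unsigned encode(int value) { return (unsigned)value & MASK; }

/* Decode a WIDTH-bit 2's complement pattern back to a C int. */
int decode(unsigned bits) {
    bits &= MASK;
    return (bits & SIGN) ? (int)bits - (int)(1u << WIDTH) : (int)bits;
}

/* Add two patterns the way the slide does: sign bits are added along with the
 * magnitude and the carry out of the leftmost bit is discarded. Reports the
 * carry out and whether signed overflow occurred. In 2's complement the carry
 * out does not indicate overflow; overflow is detected here as "same-sign
 * operands gave an opposite-sign result". */
unsigned add_twos(unsigned a, unsigned b, bool *carry_out, bool *overflow) {
    unsigned full = (a & MASK) + (b & MASK);   /* may need WIDTH+1 bits */
    unsigned sum  = full & MASK;               /* discard the carry out */
    *carry_out = (full >> WIDTH) & 1u;
    bool same_sign    = ((a ^ b) & SIGN) == 0;
    bool sign_changed = ((a ^ sum) & SIGN) != 0;
    *overflow = same_sign && sign_changed;
    return sum;
}

/* Convenience wrappers over plain integers. */
int  add7(int a, int b)      { bool c, v; return decode(add_twos(encode(a), encode(b), &c, &v)); }
bool carry7(int a, int b)    { bool c, v; add_twos(encode(a), encode(b), &c, &v); return c; }
bool overflow7(int a, int b) { bool c, v; add_twos(encode(a), encode(b), &c, &v); return v; }

/* Print a pattern as "s mmmmmm" (sign bit, space, six magnitude bits) like the slide. */
void show(const char *label, unsigned bits) {
    printf("%6s  %u ", label, (bits & SIGN) ? 1 : 0);
    for (int i = WIDTH - 2; i >= 0; i--) putchar(((bits >> i) & 1u) ? '1' : '0');
    printf("  = %d\n", decode(bits));
}

int main(void) {
    show("+6+9",  encode(add7(6, 9)));      /* 0 001111 = +15 */
    show("+6-9",  encode(add7(6, -9)));     /* 1 111101 = -3, carry out discarded */
    show("-6-9",  encode(add7(-6, -9)));    /* 1 110001 = -15: carry out is 1, yet no overflow */
    printf("        carry %d overflow %d\n", carry7(-6, -9), overflow7(-6, -9));
    show("60+9",  encode(add7(60, 9)));     /* 69 does not fit in 7 bits: overflow, carry out 0 */
    printf("        carry %d overflow %d\n", carry7(60, 9), overflow7(60, 9));
    return 0;
}
```

The -6 + -9 and 60 + 9 cases are the slide's point in code: the first produces a carry out with a correct result, the second produces no carry out with a wrong one, so a 2's complement adder has to watch the sign bit rather than the carry.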

C/C++ Data Types

Source: http://hubpages.com/hub/Data-Types-in-C-Language

Type Casting

Casting Operations

Implicit Casting

Security Concerns

Mitigation

Understand casting (explicit / implicit, sign-extension)

Understand data types (signed / unsigned, range)

Understand operators (upcasting, return types)

Verify user input

Don't depend on your compiler

Format string attacks

C/C++ most strongly affected
Not validating user input is the main reason for format string problems
Reading strings from a compromised file is another vulnerability

How it affects security

Access Control: Redirect execution to malicious code

Confidentiality: Can expose information about a program that can lead to further exploitation

Integrity: Values can be overwritten in memory

Summary

Lexical source code scanners can detect the errors
Do use fixed format strings
Do NOT pass user input directly as the format string to the string functions.
Do avoid using the printf(), scanf() family of functions if you can.
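Worked example, added here and not part of the slides: the mistake the Summary warns about (user text used as the format string) shown beside the fixed-format version, plus a small lexical helper of the kind a scanner would use to flag strings that carry conversions. The function names and the sample input are constructed for this example.

```c
/* Added example (not from the CSCE 548 slides): user input as a format string
 * versus a fixed format string, with a helper that flags %-conversions.
 * Function names and the sample input are constructed for this example. */
#include <stdio.h>
#include <string.h>
#include <stdbool.h>

/* VULNERABLE (shown for contrast, never called here): the user string IS the
 * format string, so any %-conversions it contains are interpreted by printf. */
void log_vulnerable(const char *user_text) {
    printf(user_text);
}

/* FIXED: the format string is a literal and the user text is a %s argument, so
 * its contents are copied verbatim. snprintf into a caller-supplied buffer keeps
 * the output bounded; the return value is the length that would be written. */
int log_fixed(char *out, size_t out_size, const char *user_text) {
    return snprintf(out, out_size, "user: %s", user_text);
}

/* Lexical check: does a string contain a % that printf would treat as a
 * conversion (anything other than the escaped "%%")? */
bool has_conversion(const char *s) {
    for (const char *p = s; *p; p++) {
        if (*p != '%') continue;
        if (p[1] == '%') { p++; continue; }   /* "%%" is a literal percent sign */
        return true;
    }
    return false;
}

int main(void) {
    /* constructed input that carries format directives */
    const char *input = "progress 100% %x %n done";
    char buf[64];
    log_fixed(buf, sizeof buf, input);
    printf("%s\n", buf);   /* directives appear verbatim: user: progress 100% %x %n done */
    printf("input has conversions: %d\n", has_conversion(input));
    return 0;
}
```

With the fixed version the same input is just bytes in a %s argument; the only code that decides what a % means is the literal format string, which is what "use fixed format strings" buys.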