
Re: [OT] Resources to understand integer overflow bugs ?



A bit more elaborately, I add an example for type mismanagement.  I
saw someone wrote a program in yacc, that later I needed to correct.
However almost any similar union will do, if not used correctly. The
different lengths of these can lead to real troubles. Not very obvious
to spot.

%union {
int i;
char c;
char *pc;
struct with_many_things in_it;
};

In my example it was a poor design problem.

On Sat, Jun 29, 2002 at 11:09:12AM -0600, Theo de Raadt wrote:
> > Could someone point me to some easy to understand resources explaining
> > how integer overflow, like the OpenSSH one, occur ?
> 
> Type mismanagement.
> 
> > What I'm looking for is not how to exploit them, but how to avoid and
> > detect them in your own programs, with, for example, case studies of
> > different integer overflow bugs, to be able to recognize them faster.
> 
> Pay attention to types, and use unsigned ints more often.
> 
> That's about it.  Yes, it is hard.  You expected this to be easy?
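
Added example, not part of the original messages: a C sketch of the two points in this thread, a union whose members differ in length being read through the wrong member, and an unsigned size computation that is checked instead of being allowed to wrap. All names (semval, tagged, stale_read, get_int, checked_mul) are hypothetical, and the union is a reduced stand-in for the yacc %union quoted above.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical stand-in for the %union above: members of different lengths. */
union semval { int i; char c; char *pc; };

enum semtag { T_INT, T_CHAR, T_STR };

/* The tag records which member was written last, so reads can be checked. */
struct tagged { enum semtag tag; union semval v; };

/* Mismatched access: store the 1-byte member over an old int, read the int.
 * Only one byte is replaced; the other bytes still hold the old value. */
int stale_read(int old, char newc)
{
    union semval v;
    v.i = old;
    v.c = newc;
    return v.i;
}

/* Checked accessor: 0 on success, -1 (and *out untouched) on a tag mismatch. */
int get_int(const struct tagged *t, int *out)
{
    if (t->tag != T_INT)
        return -1;
    *out = t->v.i;
    return 0;
}

/* count * size in unsigned arithmetic; reports failure instead of wrapping. */
int checked_mul(size_t count, size_t size, size_t *out)
{
    if (size != 0 && count > SIZE_MAX / size)
        return -1;
    *out = count * size;
    return 0;
}

int main(void)
{
    size_t n;
    /* Constructed sample values. */
    printf("stale read: 0x%x (wanted 0x%x)\n",
           (unsigned)stale_read(0x11223344, 'A'), (unsigned)'A');
    printf("overflowing size rejected: %s\n",
           checked_mul(SIZE_MAX / 2 + 1, 2, &n) == -1 ? "yes" : "no");
    return 0;
}
```
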