Integer overflow may fail some important security checks, which can lead to privilege escalation, or can lead to denial-of-service (DoS) attacks. For example, a loop counter can lead to infinitive or very long loops, or to excessive memory allocation, if large numbers of objects are requested. All operations can lead to problems, not just addition and multiplication.

Klocwork security vulnerability (SV) checkers identify calls that create potentially dangerous data; these calls are considered unsafe sources. An unsafe source can be any data provided by the user, since the user could be an attacker or has the potential for introducing human error.

Mitigation and prevention

Make sure any int values you process are in the correct range and, if they are expecting size values, always check that the values are not negative and check again the allowable top limit.

Example 1

19    protected void doPost(HttpServletRequest req,
20        HttpServletResponse resp) throws ServletException,
21        IOException {
22      String amount = req.getParameter("creditAmount");
23      int value = Integer.parseInt(amount);
24      int prevCreditBalance = getCreditBalance(req
25          .getParameter("user"));
26      // maximum credit is 5000
27      if (prevCreditBalance + value > 5000) {
28        // transaction
29        dosomething();
30      }
31      // ...
32    }

Klocwork produces the following report:

com/klocwork/examples/Example_117.java:27:Severe(2): SV.INT_OVF: Tainted data value from getParameter().$RET used in arithmetic operation '+' can cause integer overflow or unexpected result -> getParameter().$RET at com/klocwork/examples/Example_117.java:22 -> amount at com/klocwork/examples/Example_117.java:22 23 -> parseInt().$RET at com/klocwork/examples/Example_117.java:23 -> value at com/klocwork/examples/Example_117.java:23 27

Security guidelines

Extension

This checker can be extended through the Klocwork knowledge base. See Tuning Java analysis for more information.