Page Information

Title:	INT32-C. Ensure that operations on signed integers do not result in overflow
Author:	Robert C. Seacord	Jun 08, 2006
Last Changed by:	David Svoboda	Jul 07, 2023
Tiny Link: (useful for email)	https://wiki.sei.cmu.edu/confluence/x/UtYxBQ
Export As:	Word · PDF

SEI CERT Oracle Coding Standard for Java (1)     Page: NUM00-J. Detect or prevent integer overflow

SEI CERT C Coding Standard (9)     Page: CC. Undefined Behavior     Page: CON07-C. Ensure that compound operations on shared variables are atomic     Page: MEM02-C. Immediately cast the result of a memory allocation function call into a pointer to the allocated type     Page: INT34-C. Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operand     Page: INT33-C. Ensure that division and remainder operations do not result in divide-by-zero errors     Page: MSC15-C. Do not depend on undefined behavior     Page: PRE31-C. Avoid side effects in arguments to unsafe macros     Page: INT00-C. Understand the data model used by your implementation(s)     Page: INT10-C. Do not assume a positive remainder when using the % operator

Parent Page     Page: Rule 04. Integers (INT)

• fortify
• cwe-129
• cwe-190
• android-applicable
• ptc
• rose-partial
• rule
• arithmetic
• overflow
• int
• in-cpp

Time	Editor
Jul 07, 2023 08:40	David Svoboda	View Changes
Jun 12, 2023 06:23	Michal Rozenau	View Changes
Parasoft C/C++test 2023.1
Apr 20, 2023 05:14	Jill Britton	View Changes
Jan 18, 2023 11:24	Jill Britton	View Changes
Oct 03, 2022 06:20	Jill Britton

External Links (36)
    https://www.mathworks.com/help/bugfinder/ref/certcruleint32…
    https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?p…
    https://wiki.sei.cmu.edu/confluence/display/c/INT33-C.+Ensu…
    https://wiki.sei.cmu.edu/confluence/display/c/CON08-C.+Do+n…
    https://pvs-studio.com/en/docs/warnings/v1070/
    https://pvs-studio.com/en/docs/warnings/v1026/
    https://wiki.sei.cmu.edu/confluence/display/c/INT02-C.+Unde…
    https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliogra…
    gcc.gnu.org/onlinedocs/gcc-4.5.2/gcc/Code-Gen-Options.html#…
    https://pvs-studio.com/en/docs/warnings/v5010/
    https://cwe.mitre.org/data/index.html680.html
    gcc.gnu.org/onlinedocs/gcc-4.5.2/gcc/Code-Gen-Options.html#…
    https://wiki.sei.cmu.edu/confluence/display/c/MSC15-C.+Do+n…
    https://taas.trust-in-soft.com/tsnippet/t/06486475
    https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?p…
    https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliogra…
    https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?p…
    https://wiki.sei.cmu.edu/confluence/display/c/SEI+CERT+C+Co…
    https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?p…
    https://pvs-studio.com/en/docs/warnings/v1083/
    https://pvs-studio.com/en/docs/warnings/v1085/
    https://cwe.mitre.org/data/index.html
    https://cwe.mitre.org/data/index.html191.html
    https://pvs-studio.com/en/docs/warnings/v1081/
    https://wiki.sei.cmu.edu/confluence/display/c/How+this+Codi…
    https://wiki.sei.cmu.edu/confluence/display/c/INT35-C.+Use+…
    https://wiki.sei.cmu.edu/confluence/display/c/ARR37-C.+Do+n…
    https://wiki.sei.cmu.edu/confluence/display/c/ARR36-C.+Do+n…
    https://www.kb.cert.org/vulnotes/bymetric?searchview&query=…
    cwe.mitre.org/
    cwe.mitre.org/data/definitions/190.html
    https://wiki.sei.cmu.edu/confluence/display/c/ARR30-C.+Do+n…
    https://wiki.sei.cmu.edu/confluence/display/cplusplus/PVS-S…
    https://wiki.sei.cmu.edu/confluence/display/c/INT34-C.+Do+n…
    https://wiki.sei.cmu.edu/confluence/display/java/SEI+CERT+O…
    https://wiki.sei.cmu.edu/confluence/display/java/NUM00-J.+D…

SEI CERT C Coding Standard (31)     Page: Coverity     Page: ARR36-C. Do not subtract or compare two pointers that do not refer to the same array     Page: TrustInSoft Analyzer_V     Page: Helix QAC     Home page: SEI CERT C Coding Standard     Page: AA. Bibliography     Page: ARR37-C. Do not add or subtract an integer to a pointer to a non-array object     Page: Astrée     Page: Klocwork     Page: Coverity_V     Page: Parasoft     Page: INT35-C. Use correct integer precisions     Page: Klocwork_V     Page: INT30-C. Ensure that unsigned integer operations do not wrap     Page: PVS-Studio_V     Page: Polyspace Bug Finder_V     Page: Parasoft_V     Page: CodeSonar     Page: Polyspace Bug Finder     Page: LDRA_V     Page: INT33-C. Ensure that division and remainder operations do not result in divide-by-zero errors     Page: Astrée_V     Page: LDRA     Page: MSC15-C. Do not depend on undefined behavior     Page: INT34-C. Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operand     Page: CodeSonar_V     Page: Helix QAC_V     Page: BB. Definitions     Page: ARR30-C. Do not form or use out-of-bounds pointers or array subscripts     Page: INT02-C. Understand integer conversion rules     Page: TrustInSoft Analyzer