Integers represent a growing and underestimated source of vulnerabilities in C and C++ programs. The CERT Program's Secure Coding Initiative has been working on a number of solutions for addressing the issue of integer security, including the as-if infinitely ranged (AIR) integer paper and prototype, a secure integer library, and a paper on ranged integers.
As-if Infinitely Ranged Integer Model
Integer overflow and wraparound are major causes of software vulnerabilities in the C and C++ programming languages. In this paper we present the as-if infinitely ranged (AIR) integer model, which provides a largely automated mechanism for eliminating integer overflow and integer truncation. The AIR integer model either produces a value equivalent to one that would have been obtained using infinitely ranged integers or results in a runtime constraint violation. Unlike previous integer models, AIR integers do not require precise traps and consequently do not break or inhibit most existing optimizations.
An SEI technical note has been published describing the as-if infinitely ranged integer model. A prototype of the as-if infinitely ranged integer model has also been developed for GCC version 4.5.0: air-patch.tar.bz2.
The SEI technical note Ranged Integers for the C Programming Language describes an extension to the C programming language to introduce the notion of ranged integers, that is, integer types with a defined range of values. A variable of a ranged integer type will always have a value within the defined range as a result of initialization or assignment. Use of ranged integers would help prevent integer overflow errors and thus would result in more reliable and secure C programs. The syntax and semantics of ranged integers are presented, and some examples are given to illustrate their use.
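The following is an added example, not code from the CERT AIR prototype or the ranged-integer technical note; it emulates in plain C the two behaviours described above: each arithmetic operation or narrowing conversion either yields the exact (infinitely ranged) result or reports a constraint violation, and a ranged integer can only ever hold a value inside its declared range. It assumes the GCC/Clang `__builtin_*_overflow` builtins are available; the `air_*` and `ranged_*` names are the example's own.

```c
#include <limits.h>
#include <stdio.h>

/* Status returned by every checked operation: AIR_OK means the stored result
 * equals the infinitely ranged result; anything else is a constraint violation. */
typedef enum { AIR_OK = 0, AIR_OVERFLOW, AIR_TRUNCATION, AIR_OUT_OF_RANGE } air_status;

/* Checked int arithmetic. The GCC/Clang __builtin_*_overflow builtins (assumed
 * available) compute in unbounded precision and report whether the value fits. */
air_status air_add_int(int a, int b, int *out) {
    return __builtin_add_overflow(a, b, out) ? AIR_OVERFLOW : AIR_OK;
}
air_status air_mul_int(int a, int b, int *out) {
    return __builtin_mul_overflow(a, b, out) ? AIR_OVERFLOW : AIR_OK;
}

/* Checked narrowing conversion: adding 0 forces a fit-check against int. */
air_status air_narrow_to_int(long long v, int *out) {
    return __builtin_add_overflow(v, 0, out) ? AIR_TRUNCATION : AIR_OK;
}

/* Ranged integer: after a successful assignment the value is always in [lo, hi]. */
typedef struct { int lo, hi, value; } ranged_int;

air_status ranged_assign(ranged_int *r, long long v) {
    if (v < r->lo || v > r->hi) return AIR_OUT_OF_RANGE;  /* value left unchanged */
    r->value = (int)v;                                    /* safe: v fits in [lo, hi] */
    return AIR_OK;
}

/* Exercises each kind of violation; returns the number of failed checks (0 = all pass). */
int air_selftest(void) {
    int r = 0, fails = 0;
    ranged_int pct = { 0, 100, 0 };                       /* constructed sample range */
    fails += air_add_int(INT_MAX - 1, 1, &r) != AIR_OK || r != INT_MAX;
    fails += air_add_int(INT_MAX, 1, &r) != AIR_OVERFLOW;       /* would wrap to INT_MIN */
    fails += air_mul_int(65536, 65536, &r) != AIR_OVERFLOW;      /* 2^32 exceeds INT_MAX */
    fails += air_narrow_to_int(1LL << 31, &r) != AIR_TRUNCATION; /* does not fit in int */
    fails += air_narrow_to_int(-1, &r) != AIR_OK || r != -1;
    fails += ranged_assign(&pct, 100) != AIR_OK || pct.value != 100;
    fails += ranged_assign(&pct, 101) != AIR_OUT_OF_RANGE || pct.value != 100;
    return fails;
}

int main(void) {
    int fails = air_selftest();
    printf("%s (%d failing checks)\n", fails ? "violations missed" : "all checks passed", fails);
    return fails != 0;
}
```

A real AIR implementation inserts these checks in the compiler so that the trap happens at the end of the expression rather than on each operation, which is what lets existing optimizations survive.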
Last updated November 7, 2011