 

Integral Security

Integers represent a growing and underestimated source of vulnerabilities in C and C++ programs. CERT's Secure Coding Initiative has been working on several solutions for addressing integral security, including the AIR integer paper and prototype, a secure integer library, and a paper on ranged integers.

As-if Infinitely Ranged Integer Model

Integer overflow and wraparound are major causes of software vulnerabilities in the C and C++ programming languages. In this paper we present the as-if infinitely ranged (AIR) integer model, which provides a largely automated mechanism for eliminating integer overflow and integer truncation. The AIR integer model either produces a value equivalent to one that would have been obtained using infinitely ranged integers or results in a runtime constraint violation. Unlike previous integer models, AIR integers do not require precise traps, and consequently do not break or inhibit most existing optimizations.

A new SEI technical note has been published describing the As-if Infinitely Ranged Integer Model. Please visit the following page to download the PDF version of the report: http://www.sei.cmu.edu/library/abstracts/reports/09tn023.cfm

A prototype of the As-if Infinitely Ranged Integer Model has also been developed for the following versions of GCC:

GCC 4.4.0
air-1.0-4.4.0.tar.bz2

GCC 4.5.0 (svn)
air-1.0-4.5.0.tar.bz2

Secure Integer Library

This secure integer library includes functions for safe integer conversions and arithmetic operations. A beta version of the secure integer library is available at http://www.cert.org/secure-coding/IntegerLib.zip.
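The AIR behaviour described above (a result equal to what infinitely ranged integers would give, or a runtime constraint violation instead of a wrapped or truncated value) and the kind of checked conversion a secure integer library provides, shown as an added example in plain C; this is not the AIR prototype's or the secure integer library's own code, and the `air_` function names and the fixed-width types are assumptions made for the illustration:

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed illustration of AIR-style arithmetic: each operation yields the
   value infinite-precision integers would give, or reports a constraint
   violation. Function names and fixed-width types are assumptions here. */

static bool air_add(int32_t a, int32_t b, int32_t *out)
{
    /* Test the bounds before adding so the check itself never performs the
       signed overflow it is guarding against (undefined behaviour in C). */
    if ((b > 0 && a > INT32_MAX - b) || (b < 0 && a < INT32_MIN - b))
        return false;                 /* runtime constraint violation */
    *out = a + b;
    return true;
}

static bool air_mul(int32_t a, int32_t b, int32_t *out)
{
    /* A 64-bit intermediate always holds the exact 32x32-bit product. */
    int64_t p = (int64_t)a * b;
    if (p > INT32_MAX || p < INT32_MIN)
        return false;
    *out = (int32_t)p;
    return true;
}

static bool air_narrow(int64_t v, int16_t *out)
{
    /* Integer truncation: the conversion is allowed only when it preserves
       the value, as a checked conversion in a secure integer library would. */
    if (v > INT16_MAX || v < INT16_MIN)
        return false;
    *out = (int16_t)v;
    return true;
}

int main(void)
{
    uint32_t len = UINT32_MAX;
    printf("unchecked: %lu + 1 wraps to %lu\n",
           (unsigned long)len, (unsigned long)(len + 1u));
    int32_t r;
    if (!air_mul(65536, 65536, &r))
        puts("air_mul: 65536 * 65536 does not fit int32_t, violation reported");
    int16_t s;
    if (air_narrow(-32768, &s))
        printf("air_narrow: -32768 preserved as %d\n", (int)s);
    return 0;
}
```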

Ranged Integers

This report describes an extension to the C programming language to introduce the notion of ranged integers, that is, integer types with a defined range of values. A variable of a ranged integer type will always have a value within the defined range as a result of initialization or assignment. Use of ranged integers would help prevent integer overflow errors and thus would result in more reliable and secure C programs. The syntax and semantics of ranged integers are presented, and some examples are given to illustrate their use.

Please visit the following page to download the PDF version of the SEI technical note "Ranged Integers for the C Programming Language": http://www.sei.cmu.edu/library/abstracts/reports/07tn027.cfm


Last updated February 19, 2009