Application Security Terminology


Integer Overflows

An Integer Overflow occurs when the result of an arithmetic operation falls outside the range of the integer type used to store it. Unsigned values silently wrap around modulo the type's size; signed overflow is undefined behaviour in C and C++, and in practice usually wraps the same way. An Integer Overflow during a buffer length calculation can produce an allocation that is too small for the data about to be copied into it, and a buffer overflow follows when the copy is made. Or, when calculating a purchase order total, an integer overflow could let the total wrap from a large positive value to a negative one; when the transaction completes, the application would in effect give the customer money in addition to their purchases.

When an application allows Integer Overflows to occur, an attacker who controls the operands (a record count, a quantity, a price) can use the wraparound to drive a variable to a value the programmer never intended, such as a length that passes a size check or a total that is negative.
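The two cases above, shown in C as an added example rather than code from the original page: a 32-bit length calculation that wraps and under-allocates, and a signed running total that wraps negative, each beside a checked version that rejects the overflow before it happens. The 16-byte record size, the function names and the cent values are assumptions made for the example.

```c
#include <limits.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical fixed-size record; 16 bytes is an assumption for the example. */
#define RECORD_SIZE 16u

/* Vulnerable: the length is computed in a 32-bit unsigned type, so
 * count * RECORD_SIZE wraps silently once count exceeds 0x0FFFFFFF.
 * Returns the number of bytes the caller would actually allocate. */
uint32_t vulnerable_alloc_size(uint32_t count)
{
    return count * RECORD_SIZE;   /* 0x10000001 * 16 wraps to 16 */
}

/* Hardened: refuse any count whose product cannot be represented.
 * Writes *out and returns true only when the multiplication is safe. */
bool checked_alloc_size(uint32_t count, uint32_t *out)
{
    if (count > UINT32_MAX / RECORD_SIZE)
        return false;             /* would overflow: reject the request */
    *out = count * RECORD_SIZE;
    return true;
}

/* Vulnerable purchase-order total in signed 32-bit cents. The sum is
 * accumulated modulo 2^32 (done in unsigned arithmetic here so the demo
 * itself is well-defined; signed overflow is undefined behaviour in C)
 * and reinterpreted as signed, which is how the bug shows up in practice. */
int32_t vulnerable_total_cents(const int32_t *prices, size_t n)
{
    uint32_t sum = 0;
    for (size_t i = 0; i < n; i++)
        sum += (uint32_t)prices[i];
    return (int32_t)sum;          /* INT32_MAX + 1 comes back as INT32_MIN */
}

/* Hardened: check each addition against the headroom left in INT32_MAX. */
bool checked_total_cents(const int32_t *prices, size_t n, int32_t *out)
{
    int32_t sum = 0;
    for (size_t i = 0; i < n; i++) {
        if (prices[i] < 0)
            return false;         /* a negative line item is not a sale */
        if (sum > INT32_MAX - prices[i])
            return false;         /* adding would overflow: reject */
        sum += prices[i];
    }
    *out = sum;
    return true;
}

int main(void)
{
    uint32_t count = 0x10000001u;                /* attacker-chosen count */
    uint32_t safe_bytes;

    printf("vulnerable: %u records -> %u bytes allocated\n",
           count, vulnerable_alloc_size(count));
    printf("checked:    %u records -> %s\n", count,
           checked_alloc_size(count, &safe_bytes) ? "ok" : "rejected");

    int32_t cart[] = { INT32_MAX, 1 };           /* constructed cart in cents */
    int32_t total;
    printf("vulnerable total: %d cents\n",
           vulnerable_total_cents(cart, 2));
    printf("checked total:    %s\n",
           checked_total_cents(cart, 2, &total) ? "ok" : "rejected");
    return 0;
}
```

The guard in `checked_alloc_size` is the same test `calloc` and `reallocarray` perform internally; when those are available, using them instead of `malloc(count * size)` removes the hand-written check. On 64-bit targets the same bug survives whenever the count or size is narrower than `size_t`, so the check belongs wherever an attacker-influenced value feeds a length.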