# Integer Overflow or Wraparound (CWE-190)

The product performs a calculation that can produce an integer overflow or wraparound, when the logic assumes that the resulting value will always be larger than the original value.

- Prevalence: मध्यम 3 भाषाएँ कवर की गईं
- Impact: मध्यम समीक्षा अनुशंसित
- Prevention: प्रलेखित 3 फिक्स उदाहरण

**OWASP:** Security Misconfiguration (A05:2021-Security Misconfiguration) - #5

## Description

An integer overflow occurs when an arithmetic operation attempts to create a numeric value that is outside of the range that can be represented with a given number of bits. This can lead to buffer overflows, incorrect financial calculations, or security bypasses.

## Prevention

3 Shoulder डिटेक्शन नियमों पर आधारित Integer Overflow के लिए रोकथाम रणनीतियाँ।

### Go

Validate bounds before arithmetic operations with user-controlled integers

### JavaScript

Validate numeric bounds before using user input in allocations or arithmetic

### Python

Validate numeric bounds before arithmetic operations on user input

## Warning Signs

- [MEDIUM] user-controlled values flowing into arithmetic operations without
bounds checking
- [LOW] potential integer overflow in numeric operations

## Consequences

- DoS
- अनधिकृत कोड निष्पादित करना
- एप्लिकेशन डेटा संशोधित करना

## Mitigations

- ऐसी भाषाओं या लाइब्रेरीज़ का उपयोग करें जो integer overflow की जाँच करती हैं
- सत्यापित करें कि इनपुट अपेक्षित सीमाओं के भीतर हों
- ऐसे सुरक्षित अंकगणितीय फ़ंक्शनों का उपयोग करें जो overflow की जाँच करते हैं

## Detection

- Total rules: 3
- Languages: go, javascript, typescript, python

## Rules by Language

### Go (1 rules)

- **Integer Overflow via Unchecked Arithmetic** [MEDIUM]: User-controlled integer used in arithmetic or allocation without bounds checking.
  - Remediation: Validate bounds before arithmetic operations with user input.

```go
count, err := strconv.Atoi(r.URL.Query().Get("count"))
if err != nil || count < 0 || count > 10000 {
    return errors.New("invalid count")
}
buffer := make([]byte, count*1024)
```

Learn more: https://shoulder.dev/learn/go/cwe-190/integer-overflow

### Javascript (1 rules)

- **Integer Overflow via Unchecked Arithmetic** [MEDIUM]: Detects user-controlled values flowing into arithmetic operations without
bounds checking. While JavaScript uses 64-bit floats for most numbers,
integer overflow is still a concern in these scenarios:

1. TypedArrays (Uint8Array, Int32Array, etc.) - values wrap on overflow
2. Bitwise operations - convert to 32-bit signed integers
3. Large number arithmetic affecting security decisions
4. Array/Buffer allocation with user-controlled sizes

Common vulnerable patterns:
- Buffer allocation: Buffer.a
  - Remediation: Validate numeric bounds before using user input in allocations:

```javascript
const MAX_SIZE = 1024 * 1024;
const size = parseInt(req.query.size, 10);

if (isNaN(size) || size < 0 || size > MAX_SIZE) {
  return res.status(400).send('Invalid size');
}

const buffer = Buffer.alloc(size);
```

Learn more: https://shoulder.dev/learn/javascript/cwe-190/integer-overflow

### Typescript (1 rules)

- **Integer Overflow via Unchecked Arithmetic** [MEDIUM]: Detects user-controlled values flowing into arithmetic operations without
bounds checking. While JavaScript uses 64-bit floats for most numbers,
integer overflow is still a concern in these scenarios:

1. TypedArrays (Uint8Array, Int32Array, etc.) - values wrap on overflow
2. Bitwise operations - convert to 32-bit signed integers
3. Large number arithmetic affecting security decisions
4. Array/Buffer allocation with user-controlled sizes

Common vulnerable patterns:
- Buffer allocation: Buffer.a
  - Remediation: Validate numeric bounds before using user input in allocations:

```javascript
const MAX_SIZE = 1024 * 1024;
const size = parseInt(req.query.size, 10);

if (isNaN(size) || size < 0 || size > MAX_SIZE) {
  return res.status(400).send('Invalid size');
}

const buffer = Buffer.alloc(size);
```

Learn more: https://shoulder.dev/learn/javascript/cwe-190/integer-overflow

### Python (1 rules)

- **Integer Overflow / Large Number Handling** [LOW]: Detects potential integer overflow in numeric operations.
  - Remediation: Validate numeric bounds before arithmetic operations.

```python
from flask import request, jsonify

@app.route('/calculate')
def calculate():
    count = int(request.args.get('count', 0))
    if count < 0 or count > 10000:
        return jsonify({'error': 'Invalid count'}), 400

    result = count * unit_price
    return jsonify({'total': result})
```

Learn more: https://shoulder.dev/learn/python/cwe-190/integer-overflow