# Integer Overflow or Wraparound (CWE-190)

The product performs a calculation that can produce an integer overflow or wraparound, when the logic assumes that the resulting value will always be larger than the original value.

**Stack:** JavaScript

- Prevalence: 보통 3개 언어 지원
- Impact: 보통 검토 권장
- Prevention: 문서화됨 3개의 수정 예시

**OWASP:** Security Misconfiguration (A05:2021-Security Misconfiguration) - #5

## Description

An integer overflow occurs when an arithmetic operation attempts to create a numeric value that is outside of the range that can be represented with a given number of bits. This can lead to buffer overflows, incorrect financial calculations, or security bypasses.

## Prevention

1개의 Shoulder 탐지 규칙을 기반으로 한 Integer Overflow 예방 전략.

### JavaScript

Validate numeric bounds before using user input in allocations or arithmetic

## Warning Signs

- [MEDIUM] user-controlled values flowing into arithmetic operations without
bounds checking

## Consequences

- DoS
- 승인되지 않은 코드 실행
- 애플리케이션 데이터 수정

## Mitigations

- 정수 오버플로를 검사하는 언어나 라이브러리를 사용하세요
- 입력이 예상되는 범위 내에 있는지 검증하세요
- 오버플로를 검사하는 안전한 산술 함수를 사용하세요

## Detection

- Total rules: 3
- Languages: go, javascript, typescript, python

## Rules by Language

### Javascript (1 rules)

- **Integer Overflow via Unchecked Arithmetic** [MEDIUM]: Detects user-controlled values flowing into arithmetic operations without
bounds checking. While JavaScript uses 64-bit floats for most numbers,
integer overflow is still a concern in these scenarios:

1. TypedArrays (Uint8Array, Int32Array, etc.) - values wrap on overflow
2. Bitwise operations - convert to 32-bit signed integers
3. Large number arithmetic affecting security decisions
4. Array/Buffer allocation with user-controlled sizes

Common vulnerable patterns:
- Buffer allocation: Buffer.a
  - Remediation: Validate numeric bounds before using user input in allocations:

```javascript
const MAX_SIZE = 1024 * 1024;
const size = parseInt(req.query.size, 10);

if (isNaN(size) || size < 0 || size > MAX_SIZE) {
  return res.status(400).send('Invalid size');
}

const buffer = Buffer.alloc(size);
```

Learn more: https://shoulder.dev/learn/javascript/cwe-190/integer-overflow

### Typescript (1 rules)

- **Integer Overflow via Unchecked Arithmetic** [MEDIUM]: Detects user-controlled values flowing into arithmetic operations without
bounds checking. While JavaScript uses 64-bit floats for most numbers,
integer overflow is still a concern in these scenarios:

1. TypedArrays (Uint8Array, Int32Array, etc.) - values wrap on overflow
2. Bitwise operations - convert to 32-bit signed integers
3. Large number arithmetic affecting security decisions
4. Array/Buffer allocation with user-controlled sizes

Common vulnerable patterns:
- Buffer allocation: Buffer.a
  - Remediation: Validate numeric bounds before using user input in allocations:

```javascript
const MAX_SIZE = 1024 * 1024;
const size = parseInt(req.query.size, 10);

if (isNaN(size) || size < 0 || size > MAX_SIZE) {
  return res.status(400).send('Invalid size');
}

const buffer = Buffer.alloc(size);
```

Learn more: https://shoulder.dev/learn/javascript/cwe-190/integer-overflow