Authorization / Integer Overflow or Wraparound

Description

Integer Overflow or Wraparound is a type of authorization vulnerability listed in the CWE directory (CWE-190) as an implementation flaw. It occurs when a program uses an integer data type to store a value which is larger than the maximum value the integer data type can hold. This leads to the integer “overflowing” and wrapping around to a negative value. This can be used to bypass authorization checks, leading to serious security issues. This vulnerability is commonly found in web and API applications (CWE-352).

Risk

The risk of this vulnerability is high, as it can lead to complete bypass of authorization checks and allow an attacker to gain access to restricted resources. An attacker can leverage this vulnerability to access sensitive information, modify or delete data, or perform other malicious activities.

Solution

The best way to prevent Integer Overflow or Wraparound vulnerabilities is to use a data type that can store values larger than the maximum value of an integer data type. This can help ensure that the value does not overflow and wrap around to a negative value. Additionally, it is important to validate user input, as this can help prevent an attacker from exploiting this vulnerability.

Example

The following code snippet demonstrates an example of Integer Overflow or Wraparound vulnerability. This code attempts to check if a user is authorized to access a resource. However, the code uses an integer data type to store the user's permission level, which can cause the value to overflow and wrap around to a negative value. This can allow unauthorized users to access the resource.

int permissionLevel = getUserPermissionLevel();
if (permissionLevel >= 10)
{
    allowAccessToResource();
}
else
{
    denyAccessToResource();
}