Lecture 12Integers

Computer and Network Security19th of December 2016

Computer Science and Engineering Department

CSE Dep, ACS, UPB Lecture 12, Integers 1/40

Outline

Data Types

Representation

Conversions

Operations

Issues

Rules and Recommendations

Conclusion

CSE Dep, ACS, UPB Lecture 12, Integers 2/40

Integers

I numbers

I non-floating point

I positive, negative or zero

CSE Dep, ACS, UPB Lecture 12, Integers 3/40

Integer Use

I actual numbers and integers values and . . .

I array index

I length/size of an object

I pointer arithmetic

I loop counter, array bound

I argument to a memory allocation function

CSE Dep, ACS, UPB Lecture 12, Integers 4/40

Data Types

I char

I short

I int

I long

I long long

I pointer

CSE Dep, ACS, UPB Lecture 12, Integers 5/40

Size of Data Types. Data Models

CERT C Programming Language Secure Coding Standard, pg. 118

CSE Dep, ACS, UPB Lecture 12, Integers 6/40

To Bear in Mind

I representation of data types

I bounds (minimum, maximum)

I signedness

I conversion

I pointers and integers

CSE Dep, ACS, UPB Lecture 12, Integers 7/40

Outline

Data Types

Representation

Conversions

Operations

Issues

Rules and Recommendations

Conclusion

CSE Dep, ACS, UPB Lecture 12, Integers 8/40

Positive Integers

I always the same

I first bit is 0 for signed integers and the rest is the value

I the actual value is stored for unsigned integers

I representation differs for (signed) negative integers

CSE Dep, ACS, UPB Lecture 12, Integers 9/40

Signed-magnitude for Negative Integers

I direct representation

I first bit is 1

I the rest of the bits are the actual value

I issue: difficult hardware implementation

CSE Dep, ACS, UPB Lecture 12, Integers 10/40

1’s Complement for Negative Integers

I first bit is 1

I the rest of the bits are complemented (reversed)

I the circuitry is simpler

I issue: two values for zero (positive and negative zero)

CSE Dep, ACS, UPB Lecture 12, Integers 11/40

2’s Complement for Negative Integers

I first bit is 1

I the rest of the bits are complemented and added one

I a single (positive) representation for zero

CSE Dep, ACS, UPB Lecture 12, Integers 12/40

Signed/Unsigned Representation and Ranges

I we use 2’s complement

I consider N bits width representation

I 2N possible values

I for unsigned integers range is (0. . . 2N − 1)

I for signed integers, range is (−2N−1 . . . 2N−1 − 1)

CSE Dep, ACS, UPB Lecture 12, Integers 13/40

Outline

Data Types

Representation

Conversions

Operations

Issues

Rules and Recommendations

Conclusion

CSE Dep, ACS, UPB Lecture 12, Integers 14/40

Promotions

I integers smaller than int are promoted to int when performingoperations

I done to avoid overflows

I char c1, c2; c1 = c1 + c2;

CSE Dep, ACS, UPB Lecture 12, Integers 15/40

Types and Ranks

I type: signed or unsigned

I ranks: long long > long > int > short > char

I convert to the larger rank

CSE Dep, ACS, UPB Lecture 12, Integers 16/40

Unsigned to Unsigned

I safe from shorter range to larger range

I truncation if converting from larger range to shorter range

CSE Dep, ACS, UPB Lecture 12, Integers 17/40

Unsigned to Signed

I same rank

I high-order bit is signed bit

I sign may change

CSE Dep, ACS, UPB Lecture 12, Integers 18/40

Signed to Signed

I sign-extension is convert to larger rank

I preserve lower part in case of conversion to a smaller rank

CSE Dep, ACS, UPB Lecture 12, Integers 19/40

Signed to Unsigned

I value unchanged if signed integer is positive

I truncation if unsigned rank is smaller

I sign-extension if larger unsigned rank

I in case of negative integers, a large positive integers isobtained

CSE Dep, ACS, UPB Lecture 12, Integers 20/40

Signed/Unsigned Characters

I char may be signed char on unsigned char

I when storing negative signed char in an integer, the result is alarge negative number

I if value above 127 (0x7F) use unsigned char

CSE Dep, ACS, UPB Lecture 12, Integers 21/40

In a Nutshell

CSE Dep, ACS, UPB Lecture 12, Integers 22/40

Outline

Data Types

Representation

Conversions

Operations

Issues

Rules and Recommendations

Conclusion

CSE Dep, ACS, UPB Lecture 12, Integers 23/40

Addition

I integer and integer

I pointer and integer

I may result in overflow

I arithmetic conversion

CSE Dep, ACS, UPB Lecture 12, Integers 24/40

Subtraction

I integer and integer

I pointer and integer

I may result in negative overflow

CSE Dep, ACS, UPB Lecture 12, Integers 25/40

Multiplication

I prone to overflow even for small operands

I good idea to allocate twice the storage for the product

CSE Dep, ACS, UPB Lecture 12, Integers 26/40

Division

I division by zero

I division of minimum signed integer value divided by -1

CSE Dep, ACS, UPB Lecture 12, Integers 27/40

Modulo

I similar to division, since division is involved

I careful at negative remainders

CSE Dep, ACS, UPB Lecture 12, Integers 28/40

Shifting

I careful when shifting signed negative integers

I integer promotion must be taken into consideration

CSE Dep, ACS, UPB Lecture 12, Integers 29/40

Outline

Data Types

Representation

Conversions

Operations

Issues

Rules and Recommendations

Conclusion

CSE Dep, ACS, UPB Lecture 12, Integers 30/40

Truncation

I convert to a smaller integer type

I the initial value is outside range

I high order bits are lost in case of converting from larger toshorter

CSE Dep, ACS, UPB Lecture 12, Integers 31/40

Overflow

I may be signed on usigned

I go beyond maximum value or below minimum value

CSE Dep, ACS, UPB Lecture 12, Integers 32/40

Sign Error

I convert unsigned to signedI if “bit sign” in integer is set it results in a negative number

I convert signed to unsignedI negative numbers result in large positive numbers

CSE Dep, ACS, UPB Lecture 12, Integers 33/40

Negative Indices

I negative arrays index

I value outside bounds

CSE Dep, ACS, UPB Lecture 12, Integers 34/40

Outline

Data Types

Representation

Conversions

Operations

Issues

Rules and Recommendations

Conclusion

CSE Dep, ACS, UPB Lecture 12, Integers 35/40

Recommendations

I INT00-C to INT18-C on “04. Integers (INT)” in CERT CSecure Coding Standard

CSE Dep, ACS, UPB Lecture 12, Integers 36/40

Rules

I INT30-C to INT36-C on “04. Integers (INT)” in CERT CSecure Coding Standard

CSE Dep, ACS, UPB Lecture 12, Integers 37/40

Outline

Data Types

Representation

Conversions

Operations

Issues

Rules and Recommendations

Conclusion

CSE Dep, ACS, UPB Lecture 12, Integers 38/40

Keywords

I integer

I type

I long long, long, int, short,char

I signed, unsigned

I bounds/range

I 2’s complement

I conversion

I promotion

I rank

I addition

I subtraction

I multiplication

I division

I modulo

I truncation

I overflow

I sign error

I negative index

CSE Dep, ACS, UPB Lecture 12, Integers 39/40

References

I CERT C Secure Coding Standard – 04. Integers (INT) –https://www.securecoding.cert.org/confluence/

pages/viewpage.action?pageId=270

I Secure Coding in C and C++ ClassI Module 3. Integers

I Secure Coding in C and C++I Chapter 5. Integer Security

CSE Dep, ACS, UPB Lecture 12, Integers 40/40