Bug #33543
Possible Integer Overflow
| Status: | Resolved | Start date: | 2012-01-30 |
|---|---|---|---|
| Priority: | Won't have this time | Due date: | |
| Assignee: | - | % Done: | 0% |
| Category: | Vulnerability | | |
| Target version: | - | | |
| Votes: | 0 | | |
Description
Testing my site with BackTrack returned a warning about Integer Overflow.
Message:
Integer overflows occur when integer data types exceed their maximum value. When this occurs in programs written in languages such as C, the resulting behavior can have security implications. In these cases, unsigned integers will be reduced, wrapping back to a lower numeric value. The potential impact on security depends on how the integer value is used. If it is used as the size of a data buffer, forcing it to wrap to a lower value may result in bypassing of size checks, introducing possible buffer overflow conditions.
- Integer overflow errors can have a variety of impacts, depending on the context and the purpose of the integer value.
- Integers used to check the size of a data buffer, if reduced, can incorrectly represent the total amount of data, resulting in a possible buffer overflow.
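
The size-check bypass described in the scanner message above, shown as an added C example (not part of the original report and not code from the extension). The function names, the 64-byte capacity and the input values are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed example: names and the 64-byte capacity are assumptions. */
#define BUF_CAP 64u

/* Weak form: the product wraps modulo SIZE_MAX + 1 before it is compared. */
static int fits_unchecked(size_t count, size_t elem_size)
{
    size_t total = count * elem_size;   /* may wrap to a small value */
    return total <= BUF_CAP;
}

/* Hardened form: reject the request if the product cannot be represented. */
static int total_checked(size_t count, size_t elem_size, size_t *total)
{
    if (elem_size != 0 && count > SIZE_MAX / elem_size)
        return -1;                      /* multiplication would wrap */
    *total = count * elem_size;
    return 0;
}

/* Size check built on the overflow-aware multiplication. */
static int fits_checked(size_t count, size_t elem_size)
{
    size_t total;
    if (total_checked(count, elem_size, &total) != 0)
        return 0;
    return total <= BUF_CAP;
}

int main(void)
{
    /* Constructed input: (SIZE_MAX / 4 + 2) * 4 wraps to 4. */
    size_t count = SIZE_MAX / 4 + 2;
    printf("unchecked accepts: %d\n", fits_unchecked(count, 4));
    printf("checked accepts:   %d\n", fits_checked(count, 4));
    return 0;
}
```

The unchecked comparison accepts the oversized request because it only ever sees the wrapped total; the checked version refuses it before any size comparison is made.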
History
Updated by Felix Nagel about 1 year ago
- Category set to Vulnerability
Updated by Dmitry Dulepov about 1 year ago
- Status changed from New to Resolved
- Priority changed from Should have to Won't have this time
The extension is not written in C. It uses PHP. We cannot process the report because it is too generic and does not provide any information about where or why BackTrack warned you.