Add to collection(s) Add to saved
  1. No category

integer-overflow-cs1-java-200901121156

advertisement 
CS1
Integer Overflow - “You can't count that high!”
Background
Summary: Integer values that are too large or too small may fall outside the allowable
bounds for their data type, leading to unpredictable problems that can both reduce the
robustness of your code and lead to potential security problems.
Description: The value of each integer variable is stored in a block of memory of a
fixed size (typically 4 bytes for an integer). If a program attempts to assign a value that
is either too large or too small to an integer variable, there won't be enough room to hold
it. When this happens, you may not have any idea what the value of that variable might
be, but it almost always won't be what you want.
Risk: An integer overflow may be exploited to cause a program crash, lead to incorrect
behavior, or present opportunities for malicious software to run code that could do bad
things to your computer.
Example of Occurrence: Many Unix operating systems store time values in 32-bit
signed (positive or negative) integers, counting the number of seconds since midnight
on January 1, 1970. On Tuesday, January 19, 2038, this value will overflow, becoming a
negative number. Although the impact of this problem in 2038 is not yet known, there
are concerns that software that projects out to future dates – including tools for
mortgage payment and retirement fund distribution – might face problems long before
then.
Source: “Year 2038 Problem” http://en.wikipedia.org/wiki/Year_2038_problem
How can I avoid integer overflow?
1) Choose your data types carefully: Choose your data types to be large enough to
hold the values you will be working with. If there's any doubt at all as to whether
your variable will have values that are too large for a short, use an int. If an
int might be too small, use a long.
2) Validate your input for ranges and reasonableness. Check input is valid and
reasonable before conducting operations.
3) Check for possible overflows: . Always check results of arithmetic operations or
parsing of strings to integers, to be sure that an overflow has not occurred. The
result of multiplying two positive integers should be at least as big as both of
those integers, etc. If you find a result that overflows, you can take appropriate
action before the result is used. This might mean reporting an exception,
stopping the program, or repeating a request for input.
CS1
Problem
1) Run the following program and print the program and output.
public class PrintLimits
{
public static void main(String args[])
{
System.out.println("Min
System.out.println("Max
System.out.println("Min
System.out.println("Max
System.out.println("Min
System.out.println("Max
System.out.println("Min
System.out.println("Max
System.out.println("Min
System.out.println("Max
byte value
byte value
short value
short value
int value
int value
float value
float value
double value
double value
=
=
=
=
=
=
=
=
=
=
"
"
"
"
"
"
"
"
"
"
+
+
+
+
+
+
+
+
+
+
Byte.MIN_VALUE);
Byte.MAX_VALUE);
Short.MIN_VALUE);
Short.MAX_VALUE);
Integer.MIN_VALUE);
Integer.MAX_VALUE);
Float.MIN_VALUE);
Float.MAX_VALUE);
Double.MIN_VALUE);
Double.MAX_VALUE);
int x = Integer.MAX_VALUE;
int y = x+1;
System.out.println(x);
int z1 = Integer.MIN_VALUE-1;
int z2 = Integer.MIN_VALUE-2;
int z3 = z1*z2;
System.out.println(z3);
}
}
2) For each of the following give the appropriate declaration:
a) Number of students at your college
b) Population of Baltimore 637,455
c) Population of Maryland 5.6 million
d) the world population (6.6 billion).
e) Add code to demonstrate an integer overflow.
3) a) Write a program that shows the population growth (use a short int) for a small
town with a current population of 20,000. Assume a 10% increase each year. Show
the population after year 1, year 2, ...,How many years until overflow occurs?
b) Complete the checklist given below for this program.
c) Modify the program to use a more appropriate type. How many years will this
modified version continue before hitting an overflow?
CS1
Security Checklist
Checklists are used in many industries including aviation and software for safety and
error checking. Complete the following security checklist to identify potential
vulnerabilities in your code.
Complete the following security checklist for this program.
Security Checklist
Integer Overflow
Vulnerability
Course
Check each line of code
1. Underline each occurrence of an integer variable.
For each underlined variable:
2. Mark with a V any assignments made to this variable.
CS1
3. Mark with a V all inputs to these variables.
Possible Vulnerability!!
Discussion
1. In your own words, describe an integer overflow.
2. How could an integer overflow occur in your program?
3. What happens when an integer overflow occurs?
4. Why is multiplication particularly risk?
5. Name three things that you might do in your next program to prevent an integer
overflow from occurring?
Related documents
Adding, Subtracting, Multiplying, and Dividing Integers
Adding, Subtracting, Multiplying, and Dividing Integers
Intro to Integers REFERENCE
Intro to Integers REFERENCE
Processing Tutorial 1: Loops
Processing Tutorial 1: Loops
Variables, Constants, Real Number Practice Problems
Variables, Constants, Real Number Practice Problems
HOMEWORK 4 - ELEMENTARY ESTIMATES 1. Assuming the prime
HOMEWORK 4 - ELEMENTARY ESTIMATES 1. Assuming the prime
Review
Review
Integer Game REview - Morris Plains School District
Integer Game REview - Morris Plains School District
Download
advertisement