Introducing Integer Overflows
A buffer overflow happens when a program allows data to be written past the end of a buffer, overwriting adjacent memory. Integer overflow is a similar case.
An integer overflow happens when integer inputs go through a mathematical operation and the result is too large for the type to hold, so it wraps around or changes abruptly.
In C, an int can hold a maximum value of 2,147,483,647. If we add 1 to it, then we get -2,147,483,647 (32-bit). Interesting, right?
This is today's picoCTF challenge:
Let's run the binary and check locally first.
Let's check the source code.
A sum will be calculated using two inputs. We need the sum of two positive numbers to be a negative number. Does this ring a bell? We discussed such a scenario at the top. Let's try those values.
Cool, that's a good introduction to integer overflows. Just so you know, integer overflows have had great repercussions in the past. The Ariane 5 rocket failure (1995) was due to an integer overflow.
If you are writing code that handles numbers, then using long instead of int can be a game-saver.
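The sum-of-two-positives case from the challenge, as an added example (not the challenge's source code): it shows the wrapped 32-bit result, the widened 64-bit result, and a check that rejects the addition before it overflows. The function names are hypothetical, the inputs are constructed, and a 32-bit int is assumed; int64_t is used for the widening because the width of long depends on the platform.

```c
#include <limits.h>
#include <stdint.h>
#include <stdio.h>

/* Returns 1 and stores a + b in *out when the sum fits in an int, 0 otherwise.
 * The test runs BEFORE the addition: signed overflow is undefined behaviour
 * in C, so checking "sum < 0" afterwards is not reliable. */
int checked_add(int a, int b, int *out)
{
    if ((b > 0 && a > INT_MAX - b) || (b < 0 && a < INT_MIN - b))
        return 0;
    *out = a + b;
    return 1;
}

/* The value a 32-bit two's-complement sum wraps to. Unsigned arithmetic is
 * defined modulo 2^32, so the addition is done there and mapped back. */
int32_t wrapping_add(int32_t a, int32_t b)
{
    uint32_t u = (uint32_t)a + (uint32_t)b;
    if (u <= (uint32_t)INT32_MAX)
        return (int32_t)u;
    return (int32_t)(u - 0x80000000u) + INT32_MIN;
}

/* Widening to 64 bits before adding: two 32-bit inputs can never overflow it. */
int64_t wide_add(int32_t a, int32_t b)
{
    return (int64_t)a + (int64_t)b;
}

int main(void)
{
    int a = 2000000000, b = 2000000000, sum;   /* constructed sample inputs */

    printf("wrapped 32-bit sum: %d\n", (int)wrapping_add(a, b));
    printf("64-bit sum:         %lld\n", (long long)wide_add(a, b));
    if (!checked_add(a, b, &sum))
        printf("checked_add: overflow detected, sum rejected\n");
    return 0;
}
```

Widening only moves the limit; the pre-addition check is what stops an out-of-range sum from being used in a later comparison or allocation size.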