integer-overflow-anti-pattern
Installation
SKILL.md
Integer Overflow Anti-Pattern
Severity: High
Summary
Integer overflow occurs when arithmetic operations exceed the maximum value for a data type, causing values to wrap around to small or negative numbers instead of erroring. Individually valid user-controlled inputs combined in calculations create exploitable conditions. Attackers bypass security checks, trigger buffer overflows, and manipulate financial transactions through overflow exploitation.
The Anti-Pattern
Never perform arithmetic operations on user-controlled inputs without checking for overflow. Individual input validation is insufficient.
BAD Code Example
// VULNERABLE: Individual values are checked, but their multiplication can overflow.
#include <stdio.h>
#include <stdint.h>
#include <stdlib.h>