https://danluu.com/integer-overflow/ #integeroverflow #compilerflags #programminghumor #technews #softwaredevelopment #HackerNews #ngated
Integer Overflow Checking Cost
https://danluu.com/integer-overflow/
#HackerNews #IntegerOverflow #PerformanceOptimization #SecurityProgramming #CodeSafety
Ern Launches Bug Bounty Program on Immunefi with Rewards up to $50,000
This article discusses the launch of a bug bounty program by Erns, with potential rewards reaching $50,000. The focus is on security vulnerabilities in smart contract platforms. One instance identified is an integer overflow vulnerability, where the parsing function for uint256 data type didn't account for possible overflow, allowing attackers to manipulate values beyond the maximum supported by the data type. By sending a transaction with a larger-than-expected amount, the researcher was able to trick the contract into processing incorrect data. This could result in unauthorized transactions or contract failure, potentially causing significant financial loss. The vulnerability was remediated by using safe arithmetic operations and functions like SafeMath in the smart contract code. To secure your smart contracts, always ensure input validation and use secure programming practices for mathematical operations. Key lesson: Always validate inputs and implement safe math libraries for secure smart contracts. #BugBounty #SmartContractSecurity #Cryptocurrency #IntegerOverflow
From a Silent Math Error to Certificate Bypass: Uncovering an Integer Overflow in a TLS Parser
This article details an integer overflow vulnerability within a Transport Layer Security (TLS) parser. The flaw allowed attackers to bypass certificate checks due to improper validation of parsed values. When the server received maliciously crafted client hello messages containing excessively large extensions, it failed to handle the unexpected data size. As a result, an integer overflow occurred, leading to buffer overflows and arbitrary code execution. The researcher exploited this vulnerability by sending a specially crafted TLS handshake request with extended client hello payloads that contained large, incorrectly parsed values. By modifying the length of extension fields, they tricked the parser into interpreting non-existent data as valid, causing unintended execution of malicious code and certificate bypass. The exploit resulted in a high severity vulnerability (CVE-2018-0204) with a CVSS score of 9.8. The researcher was awarded $36,000 for their findings, and the vendor promptly released patches to address this issue. To prevent similar issues, developers should perform rigorous input validation and limit the size of parsed values during TLS handshake processing. Key lesson: Proper input validation is crucial in TLS parsing to avoid buffer overflows and other security vulnerabilities #BugBounty #Cryptography #TLS #IntegerOverflow #BufferOverFlow
I believe that unhandled integer overflow is one of the most common bugs in the computing world.
Yesterday half the factory stopped for almost a whole day because of this. Actually, since I had no access to the source and there were no errors in the logs, I made a purely behavioural diagnosis, but Rockwell confirmed that the assumptions were correct after a few hours.
In practice, starting from a specific date, a certain function stopped working at the same time on several servers. In the DEV environment too. The function was called, showed a window that flashed and disappeared. In the log it recorded the activation and the cancellation at the same date and time, and in reality there was no cancellation.
But there was.
This window starts a timer that waits for its configurable duration, after which it cancels the operation. It cannot be disabled, and our brilliant engineers commonly decided to populate that parameter with a value of "99999h:59m:59s". Now I'll let you imagine what has happened since yesterday.
Spoiler
OK, if you did the math, we miss the 2038 bug by something like 8000-odd hours, less than a year, but we don't know how this timeout gets mixed in with other parameters and at exactly which point the integer breaks. It could even be an integer underflow for all I know, but the fact remains that the window closes and the operation is cancelled because the timeout condition is considered satisfied.
The moral is always the same
Have a Girella for your snack.
A little extra sugar does no harm if you have to use your brain.
And if you develop software, besides learning from someone good, check your integers; if instead you just tinker with it, NEVER use limit values, but put some thought into it: a 10-year timeout makes no sense. All things considered, in this case 1 week would be cautious enough.
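Added example, not part of the post above and not the vendor's code: one way an oversized timeout can make a deadline check fire immediately, beside a check that avoids it. The signed 32-bit seconds counter, the function names and the clock values are assumptions; the post does not establish where the integer actually breaks.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Configured value from the post, 99999h:59m:59s, in seconds (359,999,999). */
#define TIMEOUT_S ((int32_t)(99999L * 3600 + 59 * 60 + 59))

/* ASSUMPTION: the deadline lives in a signed 32-bit count of seconds.
 * The sum is formed in unsigned arithmetic so the wrap is well defined;
 * converting back yields a negative value on two's-complement targets. */
static int32_t deadline_wrapping(int32_t start, int32_t timeout)
{
    return (int32_t)((uint32_t)start + (uint32_t)timeout);
}

/* Naive check: an absolute deadline compared with the clock. */
static bool expired_naive(int32_t now, int32_t start, int32_t timeout)
{
    return now >= deadline_wrapping(start, timeout);
}

/* Hardened check: compare elapsed time in 64 bits, never form start + timeout. */
static bool expired_checked(int64_t now, int64_t start, int64_t timeout)
{
    if (timeout < 0 || now < start)
        return false;          /* invalid config or clock step: do not cancel */
    return now - start >= timeout;
}

/* Earliest start time (seconds) at which start + timeout no longer fits in int32. */
static int32_t first_overflowing_start(int32_t timeout)
{
    return (int32_t)((int64_t)INT32_MAX - timeout + 1);
}

int main(void)
{
    int32_t t0 = first_overflowing_start(TIMEOUT_S);   /* constructed clock value */
    printf("timeout=%d s, first bad start=%d\n", (int)TIMEOUT_S, (int)t0);
    printf("naive:   expired at start? %d\n", expired_naive(t0, t0, TIMEOUT_S));
    printf("checked: expired at start? %d\n", expired_checked(t0, t0, TIMEOUT_S));
    return 0;
}
```

With the naive check the operation is reported as timed out in the same second it starts, which matches the activation and cancellation sharing one timestamp in the log.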
Rediscovered an 11‑Year‑Old libpng Vulnerability
A beginner in secure code review reintroduced CVE‑2014‑9495 by fuzzing width * bit-depth overflow
Integer overflow! Integer overflow!
The battery is labeled 44Ah.
The charger shows -24534 mAh.
Assuming this thing uses an int16 to store the charged capacity, it's now at 41 Ah charged, which is totally fine for a "dead, to be scrapped" car battery.
(Yes I am doing silly off-grid stuff again)
Recent addition to the Newton Glossary describing the “Year 2040 Problem”.
my #Duolingo streak resets tomorrow
https://invite.duolingo.com/BDHTZTB5CWWKSPZ3LKYJG3KDQE?v=sp
@Configures ...And Red Lion has released updates for Crimson 3.1 and 3.0 if you don't want to upgrade, or for hardware that needs older versions.
Lesson to all coders - when you use a computer to count, take a moment to think about what happens when you run off the end of what you're counting with. Different languages and systems do different things, it may not be a problem - but spend the time to think about it, rather than just assuming it will count forever. #RedLion #Epoch #IntegerOverflow