CWE-128 Detail

CWE-128

Name

Wrap-around Error

Likelihood

Medium

Status

Incomplete

Published

2006-07-19
00h00 +00:00

Modified

2023-06-29
00h00 +00:00

Official links

CWE Mitre.org

Notifications for a CWE

Stay informed of any changes for a specific CWE.

Notifications manage

List of Notifications

Notifications for a CWE

Stay informed of any changes for a specific CWE.

Parameters

You can specify a title that will be retrieved in the alerts that will be sent out.

Specify the CWE ID you wish to monitor.

Planning

Month

Next run calculation

Day

Weekday

Hour

Minute

Creation date

Last execution

Next execution

Functionality requiring a connection

This feature, which allows you to receive alerts, is only active when you are logged into your account.

Name: Wrap-around Error

Wrap around errors occur whenever a value is incremented past the maximum value for its type and therefore "wraps around" to a very small, negative, or undefined value.

General Informations

Background Details

Due to how addition is performed by computers, if a primitive is incremented past the maximum value possible for its storage space, the system will not recognize this, and therefore increment each bit as if it still had extra space. Because of how negative numbers are represented in binary, primitives interpreted as signed may "wrap" to very large negative values.

Modes Of Introduction

Implementation

Applicable Platforms

Language

Name: C (Often)
Name: C++ (Often)

Common Consequences

Scope	Impact	Likelihood
Availability	DoS: Crash, Exit, or Restart, DoS: Resource Consumption (CPU), DoS: Resource Consumption (Memory), DoS: Instability Note: This weakness will generally lead to undefined behavior and therefore crashes. In the case of overflows involving loop index variables, the likelihood of infinite loops is also high.
Integrity	Modify Memory Note: If the value in question is important to data (as opposed to flow), simple data corruption has occurred. Also, if the wrap around results in other conditions such as buffer overflows, further memory corruption may occur.
Confidentiality Availability Access Control	Execute Unauthorized Code or Commands, Bypass Protection Mechanism Note: This weakness can sometimes trigger buffer overflows which can be used to execute arbitrary code. This is usually outside the scope of a program's implicit security policy.

Potential Mitigations

Requirements specification: The choice could be made to use a language that is not susceptible to these issues.
Phases : Architecture and Design
Provide clear upper and lower bounds on the scale of any protocols designed.
Phases : Implementation
Perform validation on all incremented variables to ensure that they remain within reasonable bounds.

Vulnerability Mapping Notes

Justification : This CWE entry is at the Base level of abstraction, which is a preferred level of abstraction for mapping to the root causes of vulnerabilities.
Comment : Carefully read both the name and description to ensure that this mapping is an appropriate fit. Do not try to 'force' a mapping to a lower-level Base/Variant simply to comply with this preferred level of abstraction.

Related Attack Patterns

CAPEC-ID	Attack Pattern Name
CAPEC-92	Forced Integer Overflow This attack forces an integer variable to go out of range. The integer variable is often used as an offset such as size of memory allocation or similarly. The attacker would typically control the value of such variable and try to get it out of range. For instance the integer in question is incremented past the maximum possible value, it may wrap to become a very small, or negative number, therefore providing a very incorrect value which can lead to unexpected behavior. At worst the attacker can execute arbitrary code.

NotesNotes

The relationship between overflow and wrap-around needs to be examined more closely, since several entries (including CWE-190) are closely related.

References

REF-44

24 Deadly Sins of Software Security
Michael Howard, David LeBlanc, John Viega.

REF-62

The Art of Software Security Assessment
Mark Dowd, John McDonald, Justin Schuh.

REF-18

The CLASP Application Security Process
Secure Software, Inc..
https://cwe.mitre.org/documents/sources/TheCLASPApplicationSecurityProcess.pdf

Submission

Name	Organization	Date	Date release	Version
CLASP		2006-07-19 +00:00	2006-07-19 +00:00	Draft 3

Modifications

Name	Organization	Date	Comment
CWE Content Team	MITRE	2008-09-08 +00:00	updated Applicable_Platforms, Background_Details, Common_Consequences, Relationships, Relationship_Notes, Taxonomy_Mappings, Weakness_Ordinalities
CWE Content Team	MITRE	2008-11-24 +00:00	updated Relationships, Taxonomy_Mappings
CWE Content Team	MITRE	2009-10-29 +00:00	updated Common_Consequences, Relationships
CWE Content Team	MITRE	2010-12-13 +00:00	updated Background_Details
CWE Content Team	MITRE	2011-06-01 +00:00	updated Common_Consequences
CWE Content Team	MITRE	2011-09-13 +00:00	updated Relationships, Taxonomy_Mappings
CWE Content Team	MITRE	2012-05-11 +00:00	updated Common_Consequences, Demonstrative_Examples, References, Relationships
CWE Content Team	MITRE	2014-07-30 +00:00	updated Relationships, Taxonomy_Mappings
CWE Content Team	MITRE	2017-01-19 +00:00	updated Relationships
CWE Content Team	MITRE	2017-11-08 +00:00	updated Causal_Nature, Taxonomy_Mappings
CWE Content Team	MITRE	2020-02-24 +00:00	updated Relationships
CWE Content Team	MITRE	2021-03-15 +00:00	updated Potential_Mitigations, References
CWE Content Team	MITRE	2023-04-27 +00:00	updated Relationships
CWE Content Team	MITRE	2023-06-29 +00:00	updated Mapping_Notes