1. Home
  2. CWE Database
  3. CWE-128
Base · Medium

CWE-128: Wrap-around Error

Wrap around errors occur whenever a value is incremented past the maximum value for its type and therefore "wraps around" to a very small, negative, or undefined value.

CWE-128 · Base Level ·3 Mitigations

Description

Wrap around errors occur whenever a value is incremented past the maximum value for its type and therefore "wraps around" to a very small, negative, or undefined value.

Potential Impact

Availability

DoS: Crash, Exit, or Restart, DoS: Resource Consumption (CPU), DoS: Resource Consumption (Memory), DoS: Instability

Integrity

Modify Memory

Confidentiality, Availability, Access Control

Execute Unauthorized Code or Commands, Bypass Protection Mechanism

Demonstrative Examples

The following image processing code allocates a table for images.
Bad
img_t table_ptr; /*struct containing img data, 10kB each*/int num_imgs;...num_imgs = get_num_imgs();table_ptr = (img_t*)malloc(sizeof(img_t)*num_imgs);...
This code intends to allocate a table of size num_imgs, however as num_imgs grows large, the calculation determining the size of the list will eventually overflow (CWE-190). This will result in a very small list to be allocated instead. If the subsequent code operates on the list as if it were num_imgs long, it may result in many types of out-of-bounds problems (CWE-119).

Mitigations & Prevention

General

Requirements specification: The choice could be made to use a language that is not susceptible to these issues.

Architecture and Design

Provide clear upper and lower bounds on the scale of any protocols designed.

Implementation

Perform validation on all incremented variables to ensure that they remain within reasonable bounds.

Detection Methods

  • Automated Static Analysis High — Automated static analysis, commonly referred to as Static Application Security Testing (SAST), can find some instances of this weakness by analyzing source code (or binary/compiled code) without having to execute it. Typically, this is done by building a model of data flow and control flow, then sea

CWE-682: Incorrect Calculation

The product performs a calculation that generates incorrect or unintended results that are later used in security-critic...

CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer'...

CWE-190: Integer Overflow or Wraparound

The product performs a calculation that can produce an integer overflow or wraparound when the logic a...

Taxonomy Mappings

  • CLASP: — Wrap-around error
  • CERT C Secure Coding: MEM07-C — Ensure that the arguments to calloc(), when multiplied, can be represented as a size_t
  • Software Fault Patterns: SFP1 — Glitch in computation

Frequently Asked Questions

What is CWE-128?

CWE-128 (Wrap-around Error) is a software weakness identified by MITRE's Common Weakness Enumeration. It is classified as a Base-level weakness. Wrap around errors occur whenever a value is incremented past the maximum value for its type and therefore "wraps around" to a very small, negative, or undefined value.

How can CWE-128 be exploited?

Attackers can exploit CWE-128 (Wrap-around Error) to dos: crash, exit, or restart, dos: resource consumption (cpu), dos: resource consumption (memory), dos: instability. This weakness is typically introduced during the Implementation phase of software development.

How do I prevent CWE-128?

Key mitigations include: Requirements specification: The choice could be made to use a language that is not susceptible to these issues.

What is the severity of CWE-128?

CWE-128 is classified as a Base-level weakness (Medium abstraction). Its actual severity depends on the specific context and how the weakness manifests in your application.