Flow-Insensitive Static Analysis for Detecting Integer Anomalies in Programs

D. Sarkar, M. Jagannathan, J. Thiagarajan, and R. Venkatapathy (USA)


Security, Static Analysis, Integer Overflow, Integer Underflow, Buffer Overrun


This paper describes a static analysis algorithm to detect potential integer anomalies in software. Integer anomalies take place when arithmetic operations on integer values yield new values that cannot be represented in the range for the integer type. Two common integer anomalies are integer overflow and integer underflow. Unexpected behavior could occur in a program's execution if an attempt is made to represent a value outside the range of the integer type. Such anomalies in integers representing buffer sizes can lead to critical buffer overruns that compromise the security of a system. In this paper, we present a flow-insensitive intra-procedural static analysis algorithm that detects integer overflow and underflow anomalies in integer variables that represent memory allocation size, buffer access size or loop terminating condition. We ran the analysis on approximately 55 MLOC from some future Microsoft products. We successfully uncovered and fixed over 2000 such anomalies with an overall noise rate of as low as 6.76 percent.
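The abstract names three places where an integer anomaly becomes a buffer overrun: an allocation size, a buffer access size, and a loop terminating condition. The following C code is an added example written for this page, not code from the paper or its authors, showing the unchecked arithmetic that such an analysis would flag beside a checked form for each of the first two cases and a bounded loop for the third. It assumes a GCC or Clang compiler, because it uses the `__builtin_mul_overflow` and `__builtin_add_overflow` builtins; all function names are the example's own.

```c
#include <limits.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Allocation size, unchecked: count * elem_size silently wraps modulo
 * SIZE_MAX + 1, so a huge count can produce a tiny allocation. This is the
 * pattern a static checker reports; it is kept here only for contrast. */
size_t alloc_size_unchecked(size_t count, size_t elem_size)
{
    return count * elem_size;
}

/* Allocation size, checked: report the wrap instead of returning a wrapped
 * value. Returns false on overflow, true with *out set otherwise. */
bool alloc_size_checked(size_t count, size_t elem_size, size_t *out)
{
    size_t total;
    if (__builtin_mul_overflow(count, elem_size, &total))
        return false;          /* integer overflow: refuse the allocation */
    *out = total;
    return true;
}

/* Allocate count elements of elem_size bytes, or NULL if the size
 * computation would overflow. A wrapped size followed by a full-length
 * copy is the classic overflow-to-overrun chain described in the abstract. */
void *alloc_array(size_t count, size_t elem_size)
{
    size_t total;
    if (!alloc_size_checked(count, elem_size, &total))
        return NULL;
    return malloc(total);
}

/* Buffer access size: copy len bytes starting at off from src into dst.
 * The end offset off + len is computed with an overflow check, and both the
 * source window and the destination capacity are validated before memcpy. */
bool copy_range(const uint8_t *src, size_t src_len, size_t off, size_t len,
                uint8_t *dst, size_t dst_len)
{
    size_t end;
    if (__builtin_add_overflow(off, len, &end))
        return false;          /* off + len wrapped: would read before off */
    if (end > src_len || len > dst_len)
        return false;          /* out of bounds on either side */
    memcpy(dst, src + off, len);
    return true;
}

/* Loop terminating condition: sum the first n values with an index that
 * cannot overflow. Using i < n (not i <= n) and size_t for the index keeps
 * the bound representable; the int accumulator is checked at each step. */
bool sum_checked(const int *vals, size_t n, int *out)
{
    int acc = 0;
    for (size_t i = 0; i < n; i++) {
        if (__builtin_add_overflow(acc, vals[i], &acc))
            return false;      /* accumulator would overflow INT_MAX */
    }
    *out = acc;
    return true;
}
```

The contrast between `alloc_size_unchecked` and `alloc_size_checked` is the whole point: the unchecked version returns a small, plausible size for inputs that have wrapped, which is exactly why a flow-insensitive checker can flag the multiplication on its own, without needing to know which paths reach it.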
