Software Engineering Institute

Integers represent a growing and underestimated source of vulnerabilities in C and C++ programs. In this paper, we present the as-if infinitely ranged (AIR) integer model, which provides a largely automated mechanism for eliminating integer overflow, truncation, and other integral exceptional conditions. The AIR integer model either produces a value equivalent to one that would have been obtained using infinitely ranged integers or results in a runtime-constraint violation. Instrumented fuzz testing of libraries that have been compiled using a prototype AIR integer compiler has been effective in discovering vulnerabilities in software with low false positive and false negative rates. Furthermore, the runtime overhead of the AIR integer model is low enough for typical applications to enable this feature in deployed systems for additional runtime protection

Integers represent a growing and underestimated source of vulnerabilities in C and C++ programs. In this paper, we present the as-if infinitely ranged (AIR) integer model, which provides a largely automated mechanism for eliminating integer overflow, truncation, and other integral exceptional conditions. The AIR integer model either produces a value equivalent to one that would have been obtained using infinitely ranged integers or results in a runtime-constraint violation. Instrumented fuzz testing of libraries that have been compiled using a prototype AIR integer compiler has been effective in discovering vulnerabilities in software with low false positive and false negative rates. Furthermore, the runtime overhead of the AIR integer model is low enough for typical applications to enable this feature in deployed systems for additional runtime protection