• C

Please explain the real risk presented by "arithmetic overflows"

I am interested in using NETPBM to resize images "on-the-fly" for my dynamic web pages.


According to its documentation, Netpbm is full of arithmetic overflows.

As is common in C programming, many Netpbm programs were written with the assumption that inputs aren't such that they cause the program to attempt to compute values that cannot be represented in the data structure the program uses. For example, you might supply an input image that is 1 million columns wide by 1 million rows tall. The program might naively attempt to multiply those values together and represent the result in a 32 bit integer structure. Since the real product is too large to represent in 32 bits, the naive C code actually computes a different number, without recognizing any kind of error.

Such an overflow can cause an untold variety of program failures. A typical example is that the program uses the bogus number as the amount of storage that needs to be allocated for an array. It thus allocates too little storage for the array. A subsequent reference to an element in the array thus references arbitrary storage that has nothing to do with that array.

*****This could conceivably be a security exposure. *******

My question is this: what is the REAL risk of using this package?  Could it be a memory hog?  Could it make things slow over time?  Could it open my system up to hackers?  Or is this a theoretical problem that would have no practical implications for me?

Please explain the real risk of using a package with "arithmetic overflows"


LVL 16
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Lots of bad things could happen.  Here's one example:

the bad image passes in an image size that overflows 16-bits and wraps around to a small number:

Example:   an image of (hex)  1020 x 1020 when multiplied gives a result of 10000400.  The sizten-bit truncation of this is just 0400.  So the code is likely to just allocate 400 hex (1024 decimal) bytes for the image.   But as soon as the image gets plopped into place, it's going to overwrite waay past the end of the 1024 byte array (by megabytes).  it could overwrite other data, or worse yet, code, with whatever is in the image, which golly, might not be an image at all, but carefully written code that could do anything at all to your computer (depending on what priviledge level the code is running at).   So you could easily lose the computer.

If you must use that code, see if your web server will let you run that code at a reduced privilidge level.  It definitely shouldnt run as Administrator, or have write permission to any file system.  And it should have very restrictive quotas (if your OS lets you set them).  Give it as little memory and CPU time quotas as it needs, and no more.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Sjef BosmanGroupware ConsultantCommented:
1040400 !

And any modern O/S protects code from being overwritten, since code is usually stored in read-only segments. Dataspace, i.e. the data, heap and stack areas, can indeed be overwritten and your program may crash. So hopefully you will be producing good images, but you might end up weird images or nothing at all.
hankknightAuthor Commented:
Oh my-- it doesn't sound woth the risk . . .

There are other image tools out there that have also been created with C, including VIPS and (I think) ImageMagick.  How can I find out if these have overflow problems too?
hankknightAuthor Commented:
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.