Posted on by Achim D. Brucker, licensed under CC BY-ND 4.0.

1 + 0 = 1 - often but not always

Numbers play an important role in our everyday life. And computers are known two work fast and efficiently with numbers, hence their name. Therefore, it might come as a surprise that numbers, as represented by modern computers, do not always behave as one expects.

For example, consider the simple computation of computing the sum of 0.1 and 0.2:

In [1]: 0.1+0.2
Out[1]: 0.30000000000000004

Which does not produce the expected result of 0.3. Also, there are numbers to which we can add one, and still yield the same number:

In [2]: 1e16+1 == 1e16
Out[2]: True

Both behaviors are due to the specific representation of floating point numbers using the IEEE-754 standard. These numbers are not, as many might assume, a faithful representation of mathematical reals: they are an approximation with a lot of corner cases that one needs to take care of when implementing safety of security critical software - or software, that just should be correct.

Ok, floating point numbers are difficult. But integers are much simpler and work as expected, right? Consider the following program, running on an imaginary 8-Bit Computer:

#include <stdio.h>
int main() {
      signed int x=70; // Let's assume 8-Bit integers, i.e.,  we
      signed int y=50; // can represent numbers between -128 and 127. 
      if (x + y > 0){
          printf("Hello World\n");
          printf("Hello Universe\n");
      return 0;

Assuming 8-Bit integers, the maximum positive number that can be represented is 255. Actually, 142+130 yields here -3, which shows the unexpected behavior that adding two positive numbers can result in a negative result.

These special cases can lead to functional errors as well as being the root cause of severe security vulnerabilities.

Will discuss these examples and others, and how they can result in security vulnerabilities in my talk at the Heise devSec conference that takes place from the 4th to 6th of October 2022 in Karlsruhe, Germany.

Welcome to the blog of the Software Assurance & Security Research Team at the University of Exeter. We blog regularly news, tips & tricks, as well as fun facts about software assurance, reliability, security, testing, verification, hacking, and logic.

You can also follow us on Twitter: @logicalhacking.




academia ai android apidesign appsec bitcoin blockchain bpmn browser browserextensions browsersecurity bug certification chrome composition cordova dast devops devsecops dom dsbd efsm epsrc event extensions fixeffort floss formaldocument formalmethods funding hol-ocl hol-testgen humanfactor hybridapps iast industry internetofthings iot isabelle/hol isabelledof isadof latex logic maintance malicous mbst mobile mobile apps modelinference modeling monads monitoring msc ocl ontology opensource owasp patches pet phd phdlife phishing policy protocols publishing reliability research safelinks safety sap sast sdlc secdevops secureprogramming security securityengineering securitytesting semantics servicecomposition skills smartcontract smartthings softwareeinginering softwaresecurity softwaresupplychain solidity staff&positions statemachine studentproject tcb test&proof testing tips&tricks tools transport tuos uk uoe upgrade usability verification vulnerabilities vulnerableapplication webinar websecurity


blog whole site