Integer Overflow and Underflow

From WEB3 Vulnerapedia
Jump to navigation Jump to search

Integer overflow and underflow vulnerabilities arise when the result of an arithmetic operation exceeds the maximum (overflow) or goes below the minimum (underflow) value that can be stored in the data type. Attackers exploit this by manipulating arithmetic operations to gain unauthorized control.

In solidity, integer types have maximum values. For example:

uint8 => 255 uint16 => 65535 uint24 => 16777215 uint256 => (2^256) - 1

Overflow and underflow vulnerabilities can occur when you exceed the maximum value (overflow) or when you go below the minimum value (underflow). When you exceed the maximum value, you go back down to zero, and when you go below the minimum value, it brings you back up to the maximum value.

Since smaller integer types like: uint8, uint16, etc. have smaller maximum values, it can be easier to cause an overflow, thus they should be used with greater caution.

Older contracts often made use of the SafeMath library, to avoid over/underflows, but in solidity >=v0.8.0, SafeMath logic is built in by default. It's important to consider that regardless of SafeMath logic being used, either built-in or used manually in older contracts, over/underflows still trigger reverts, which may result in denial of service of important functionality or other unexpected effects. Built-in SafeMath logic may also be avoided with unchecked blocks, see docs for more info.

Risk: Unexpected Behavior

Integer overflow and underflow can lead to unexpected behavior, which may compromise the security and functionality of the smart contract.