256 Kilobytes

What are Integer Overflows?

Articles in Unintended Behavior and Exploits | By Louis J. V. Cicalese

Published | Last Update

Back in my day, we had to walk up hill both ways to debug integer overflows.

1,765 view, 0 RAMs, and 0 comments

With the prevalence of high-level, dynamically typed programming languages--not to mention drastic increases in memory availability since the early days of computing--unintended behavior due to integer overflows are a topic that certainly comes up much less often than it did in the past.

What are integer overflows?

A few basic facts about computers:

  • All data is stored in bits
  • Computers have a finite number of bits.
  • Computer programs need to know how many bits to allocate (reserve) for the pieces of data that they work with.

One byte has 256 possible states. Which could--among other things--represent a value between 0 and 255 (since 0 is one of those possible states). But, what if you reserve one byte to keep track of some value, but then tell the program to increase that value beyond the maximum amount that can be stored in a byte? This results in an integer overflow, where the value will loop back around. In this case, this would cause the value to--instead of being 256--loop around to zero.

Why don’t kids these days run into integer overflows with these hip, new-age programming languages?

When writing code in low-level laguages like C, programmers can (and must) allocate and deallocate memory for their code. This can result in, for example, the classic integer overflow in Pac-Man, breaking the game when the player reaches level 256.

High-level programming languages will, in general, handle any needed type conversions automatically. In Python, for example, if the value stored in a variable exceeds what can be held in the dynamically-assigned datatype’s limit, Python handles the conversion behind the scenes, preventing integer overflows from occurring.

What about modern computer code written in low-level languages?

For applications that require high levels of performance, writing code in languages like C can be more time consuming, but a worthwhile endeavor in cases where the highest level of performance is required.

When Psy’s Gangnam Style music video was released on YouTube in 2012, the video received an unprecedented amount of views. Currently, the video has over 3 billion views which, for context, is about 40% of the world’s population. During its height of popularity, the huge number of views threatened to result in integer overflow and break YouTube once they exceeded about 2 billion.

As discussed in a video by Computerphile, at the time, YouTube stored the number of views using a 32-bit integer, which is sufficient to store over 4 billion numbers. Half of these, however, were used to store negative numbers, which is why YouTube could only store about 2 billion numbers -- the other 2 billion were negatives.

YouTube probably assumed this was plenty considering that 2 billion is over 25% of the Earth’s population, but Gangnam Style proved them wrong. They fixed this by moving to a 64-bit integer, which can store a ridiculous 9.2 x 10^18 views, which should be sufficient for awhile.

Note: YouTube is reported to have later stated that their comment on the view counter was a joke.

Implications of Increased Available Memory

Since, in 2019, the difference between one byte and four bytes is effectively irrelevant (at least, for a one-off variable), these kids throw around bytes like it’s figuratively 1999 but literally 2019. If you do the math, the number of possible states grows exponentially as more bytes are added:

  • One Byte   =  8 Bits = 2^8  =           256 Possible States
  • Two Bytes  = 16 Bits = 2^16 =        65,536 Possible States
  • Four Bytes = 32 Bits = 2^32 = 4,294,967,296 Possible States

To follow up on the concept of integers used in game design, the hit video game Paper Mario has a similar integer overflow, but rather than crashing when a particular value exceeds the storage capacity of a byte, it crashes when the a block is hit 4,294,967,296 times, presumably because some new age programer frivolously used four entire bytes of data (an unsigned long).

The fact that more memory is available can mask the presence of integer overflows that--at least hypothetically--may be present in modern software.

Download more RAM. 🐏 ⨉ 0Posted by Louis J. V. Cicalese 3 years ago

Edit History

• [2019-02-27 17:17 PST] Louis J. V. Cicalese (3 years ago)
• [2019-02-27 17:17 PST] August R. Garcia (3 years ago)
• [2019-02-27 17:17 PST] August R. Garcia (3 years ago)
• [2019-02-27 17:17 PST] August R. Garcia (3 years ago)
• [2019-02-27 17:17 PST] August R. Garcia (3 years ago)
• [2019-02-27 17:17 PST] Louis J. V. Cicalese (3 years ago)
🕓 Posted at 27 February, 2019 17:17 PM PST

Profile Photo - Louis J. V. CicaleseLouis J. V. CicaleseAuthor

Post a New Comment

Do you like having a good time?

Register an Account

You can also login to an existing account or reset your password. All use of this site is subject to the terms of service and privacy policy.

Read Quality Articles

Read some quality articles. If you can manage to not get banned for like five minutes, you can even post your own articles.

View Articles →

Argue with People on the Internet

Use your account to explain why people are wrong on the Internet forum.

View Forum →

Vandalize the Wiki

Or don't. I'm not your dad.

View Wiki →

Ask and/or Answer Questions

If someone asks a terrible question, post a LMGTFY link.

View Answers →

Make Some Money

Hire freelancers and/or advertise your goods and/or services. Hire people directly. We're not a middleman or your dad. Manage your own business transactions.

Register an Account