Esc

Integer Range Validation

Definition

Ensuring that an integer is within a valid range.

How it Works

Integer Range Validation can be done by programmatically checking the value of an integer before or after an operation to determine if the resulting value will be valid. Checking the value of an integer to ensure it is in a valid range helps prevent integer overflow, wraparound, and logical errors.

Considerations

A valid range can be defined by language, data-type, or logical constraints.
Take extra care when doing operations on integers that will result in a value close to the bounds of a valid range.
Note: This resource should not be considered a definitive or exhaustive coding guideline.

json

References

All

Guideline

The following references were used to develop the Integer Range Validation knowledge-base article.

(Note: the consideration of references does not imply specific functionality exists in an offering.)

SEI CERT C Coding Standard

Reference Type: Guideline Organization: Software Engineering Institute

Source:

https://resources.sei.cmu.edu/downloads/secure-coding/assets/sei-cert-c-coding-standard-2016-v01.pdf

D3FEND^™

A knowledge graph of cybersecurity countermeasures