
Add tests for integer overflow #541

@bratpiorka


The application performs a calculation that can produce an integer overflow or underflow. This can happen when an application's logic assumes that a resulting value will always be larger or smaller than the original value. This can lead to other weaknesses because the size of the buffer is incorrectly calculated, such as a buffer overflow.

Use the following guidelines to test for integer overflow:

  • Identify sections of the site that perform integer arithmetic with user-supplied values.
  • Provide large negative and positive values and inspect the result.
  • This test fails if the result is negative when it should be positive, or vice-versa.
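The boundary-value test described in this issue, as an added example that is not part of the original issue or the project's own code. It shows a buffer-size multiplication that wraps, next to checked helpers that reject the same inputs; all function names are hypothetical.

```c
#include <limits.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Unchecked size calculation: wraps silently when count * elem_size exceeds SIZE_MAX. */
static size_t alloc_size_unchecked(size_t count, size_t elem_size) {
    return count * elem_size;
}

/* Checked version: reports overflow instead of returning a wrapped (too small) size. */
static bool alloc_size_checked(size_t count, size_t elem_size, size_t *out) {
    if (elem_size != 0 && count > SIZE_MAX / elem_size) return false;
    *out = count * elem_size;
    return true;
}

/* Checked signed addition: detects overflow and underflow before adding,
   so the undefined behaviour of signed wraparound is never triggered. */
static bool add_checked(int a, int b, int *out) {
    if ((b > 0 && a > INT_MAX - b) || (b < 0 && a < INT_MIN - b)) return false;
    *out = a + b;
    return true;
}

/* Feeds large positive and negative values (constructed test inputs) to
   add_checked and returns how many cases gave an unexpected verdict. */
static int run_boundary_cases(void) {
    struct { int a, b; bool ok; } cases[] = {
        {INT_MAX, 1, false}, {INT_MIN, -1, false}, {INT_MAX, 0, true},
        {INT_MIN, 0, true},  {INT_MAX, INT_MIN, true}, {-1, 1, true},
    };
    int failures = 0;
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++) {
        int r;
        if (add_checked(cases[i].a, cases[i].b, &r) != cases[i].ok) failures++;
    }
    return failures;
}

int main(void) {
    size_t n = SIZE_MAX / 2 + 2, sz = 0; /* n * 2 wraps around to 2 */
    printf("unchecked=%zu checked_ok=%d boundary_failures=%d\n",
           alloc_size_unchecked(n, 2), alloc_size_checked(n, 2, &sz),
           run_boundary_cases());
    return 0;
}
```
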

Labels: enhancement (New feature or request)
