CVE-2024-36613: Div Round Up Intermediate Overflow


Provally Curated · Public repository · Medium · Medium confidence · Verified · Apache-2.0 · C · β
greprules fetch cve-2024-36613-div-round-up-intermediate-overflow --engine opengrep

Description

The bounds check guards against overflow for the final result of `$X + $Y - 1`, but left-to-right evaluation means `$X + $Y` is computed first. If `$X` exactly equals `$MAX - $Y + 1`, `$X + $Y` evaluates to `$MAX + 1`, which can cause a signed integer overflow before subtraction. Rewrite as `$X - 1 + $Y` to ensure all intermediate calculations safely prevent
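A worked illustration of the two operand orders, added here and not part of the rule or the patched project: the guard admits the boundary value `x == INT_MAX - y + 1`, the original `x + y` intermediate overflows there, and the `x - 1 + y` order does not. It assumes GCC/Clang `__builtin_add_overflow`/`__builtin_sub_overflow` (used to detect rather than trigger the undefined signed overflow) and the usual DIV_ROUND_UP preconditions `y >= 1`, `x >= 0`; the function names are my own.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>

/* Guard in the style the rule describes: it only ensures the final value
 * X + Y - 1 fits in an int, i.e. x <= INT_MAX - y + 1 (assumes y >= 1). */
bool final_result_guard_passes(int x, int y) {
    return y >= 1 && x <= INT_MAX - y + 1;
}

/* Original operand order: (X + Y) is evaluated first. Signed overflow is
 * undefined behaviour in C, so it is detected with a compiler builtin. */
bool original_intermediate_overflows(int x, int y) {
    int sum;
    return __builtin_add_overflow(x, y, &sum);
}

/* Rewritten order: (X - 1) is evaluated first, then Y is added. For x >= 0
 * the intermediate X - 1 cannot overflow, and the guard bounds the final sum. */
bool rewritten_intermediate_overflows(int x, int y) {
    int tmp, sum;
    return __builtin_sub_overflow(x, 1, &tmp) || __builtin_add_overflow(tmp, y, &sum);
}

/* Ceil-division helper using the rewritten order. Returns false (and leaves
 * *out untouched) when y is not positive, x is negative, or a step overflows. */
bool div_round_up_checked(int x, int y, int *out) {
    int tmp, sum;
    if (y < 1 || x < 0) return false;
    if (__builtin_sub_overflow(x, 1, &tmp)) return false;
    if (__builtin_add_overflow(tmp, y, &sum)) return false;
    *out = sum / y;
    return true;
}

int main(void) {
    int y = 8;
    int x = INT_MAX - y + 1;  /* constructed boundary input the guard accepts */
    int result = 0;
    printf("guard passes: %d\n", final_result_guard_passes(x, y));
    printf("original order overflows: %d\n", original_intermediate_overflows(x, y));
    printf("rewritten order overflows: %d\n", rewritten_intermediate_overflows(x, y));
    if (div_round_up_checked(x, y, &result)) printf("DIV_ROUND_UP = %d\n", result);
    return 0;
}
```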