6

Going through Elisabeth Hendrickson's test heuristics cheatsheet , I see the following recommendations :

Numbers : 32768 (2^15) 32769 (2^15+ 1) 65536 (2^16) 65537 (2^16 +1) 2147483648 (2^31) 2147483649 (2^31+ 1) 4294967296 (2^32) 4294967297 (2^32+ 1)

Does someone know the reason for testing all theses cases ? My gut feeling goes with the data type the developer may have used ( integer, long, double...)

Similarly, with Strings :

Long (255, 256, 257, 1000, 1024, 2000, 2048 or more characters)

DSM
  • 342,061
  • 65
  • 592
  • 494
user316054
  • 523
  • 1
  • 6
  • 11

3 Answers3

7

These represent boundaries

Integers

  • 2^15 is at the bounds of signed 16-bit integers
  • 2^16 is at the bounds of unsigned 16-bit integers
  • 2^31 is at the bounds of signed 32-bit integers
  • 2^32 is at the bounds of unsigned 32-bit integers

Testing for values close to common boundaries tests whether overflow is correctly handled (either arithmetic overflow in the case of various integer types, or buffer overflow in the case of long strings that might potentially overflow a buffer).

Strings

  • 255/256 is at the bounds of numbers that can be represented in 8 bits
  • 1024 is at the bounds of numbers that can be represented in 10 bits
  • 2048 is at the bounds of numbers that can be represented in 11 bits

I suspect that the recommendations such as 255, 256, 1000, 1024, 2000, 2048 are based on experience/observation that some developers may allocate a fixed-size buffer that they feel is "big enough no matter what" and fail to check input. That attitude leads to buffer overflow attacks.

Eric J.
  • 147,927
  • 63
  • 340
  • 553
  • 1
    The 2000 maybe targeted on URL length attacks. See [Boutell](http://www.boutell.com/newfaq/misc/urllength.html). Also [Dixon](http://stackoverflow.com/a/417184/693207). – Jürgen Thelen Aug 14 '12 at 21:31
3

These are boundary values close to maximum signed short, maximum unsigned short and same for int. The reason to test them is to find bugs that occur close to the border values of typical data types.

E.g. your code uses signed short and you have a test that exercises something just below and just above the maximum value of such type. If the first test passes and the second one fails, you can easily tell that overflow/truncation on short was the reason.

Tomasz Nurkiewicz
  • 334,321
  • 69
  • 703
  • 674
2

Those numbers are border cases on either side of the fence (+1, 0, and -1) for "whole and round" computer numbers, which are always powers of 2. Those powers of 2 are also not random and are representing standard choices for integer precision - being 8, 16, 32, and so on bits wide.

YePhIcK
  • 5,816
  • 2
  • 27
  • 52