
This is my implementation to detect if an unsigned int overflow has occurred when trying to add two numbers.

The max value of unsigned int (UINT_MAX) on my system is 4294967295.

#include <limits.h>
#include <stdio.h>

/* Returns 1 if a + b would exceed UINT_MAX, 0 otherwise. */
int check_addition_overflow(unsigned int a, unsigned int b) {
    /* UINT_MAX - a cannot underflow because a <= UINT_MAX, so the
     * comparison is safe for any a; the a > 0 test is redundant for
     * unsigned operands (for a == 0 the comparison is never true). */
    if (a > 0 && b > (UINT_MAX - a)) {
        printf("overflow has occurred\n");
        return 1;
    }
    return 0;
}

This seems to work with the values I've tried.

Any rogue cases? What do you think are the pros and cons?

    Your code accepts `int` but your text is talking about `unsigned int` ... which is it? – M.M Nov 26 '15 at 23:35
  • `unsigned int` is what I have implemented and I forgot to enter that in this question – Kingamere Nov 26 '15 at 23:41
    This code won't compile. Use `{` instead of `[`. – MikeCAT Nov 26 '15 at 23:41
    @Kingamere your function has `int` return type and does not return anything. Seriously! – ouah Nov 26 '15 at 23:41
    You must return some value, but you don't. So, even if the typo is corrected, this function won't work in any case. – MikeCAT Nov 26 '15 at 23:42
    @Amit can you explain what that code does? As for everyone else, quit being so pedantic. These are just typos. The point of the question is to look at if the logic in the if statement satisfies checking for buffer overflow. – Kingamere Nov 26 '15 at 23:44
  • http://stackoverflow.com/questions/199333/how-to-detect-integer-overflow-in-c-c?rq=1 Asked here as well. – L.P. Nov 26 '15 at 23:48
    @Kingamere could you explain why the `a > 0` condition? – ouah Nov 26 '15 at 23:48
  • Looking back, it seems like it doesn't do anything. I thought it did when I first implemented it. EDIT: I remember. I was using signed int but have now switched to unsigned. – Kingamere Nov 26 '15 at 23:56

2 Answers


You could use

if((a + b) < a)

The point is that if a + b is overflowing, the result will be trimmed and must be lower than a.

Consider the case with hypothetical bound range of 0 -> 9 (overflows at 10):

b can be 9 at the most. For any value a such that a + b >= 10, (a + 9) % 10 < a.
For any values a, b such that a + b < 10, since b is not negative, a + b >= a.

  • upv because this solution is better but this doesn't answer OP question – ouah Nov 26 '15 at 23:59
  • @ouah - thanks. the answer is here since OP asked in comments if I could explain that solution and it was too long for a comment. – Amit Nov 27 '15 at 00:01
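The following is an added example, not code from the question or from either answer. It puts the questioner's `b > UINT_MAX - a` test, the `(a + b) < a` test from the answer above, and the GCC/Clang `__builtin_add_overflow` builtin side by side, runs all three over the boundary cases a practitioner would want covered (including `a == 0`, which shows why the `a > 0` condition adds nothing), and wraps the check in a `checked_add_uint` helper that reports failure to the caller instead of printing. The builtin is assumed to be available (GCC 5+ / Clang 3.4+); the test cases are constructed for this example.

```c
#include <limits.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* The questioner's check: overflow iff b > UINT_MAX - a.
 * UINT_MAX - a can never underflow because a <= UINT_MAX. */
static bool overflows_by_subtraction(unsigned int a, unsigned int b)
{
    return b > UINT_MAX - a;
}

/* The check from the answer above: unsigned addition wraps modulo
 * UINT_MAX + 1, so a wrapped sum is always smaller than either operand. */
static bool overflows_by_wrap(unsigned int a, unsigned int b)
{
    return (a + b) < a;
}

/* Same question asked of the compiler. Assumption: GCC/Clang builtin
 * available. Unlike the two tests above, this also works for signed
 * types, where evaluating a + b itself would be undefined behaviour. */
static bool overflows_by_builtin(unsigned int a, unsigned int b)
{
    unsigned int sum;
    return __builtin_add_overflow(a, b, &sum);
}

/* Safe addition for callers: true and *out set on success, false on
 * overflow. Library code should report, not printf. */
bool checked_add_uint(unsigned int a, unsigned int b, unsigned int *out)
{
    if (b > UINT_MAX - a)
        return false;
    *out = a + b;
    return true;
}

/* Run the three predicates over constructed boundary cases and return
 * how many inputs any of them got wrong (0 means all three agree
 * with the expected result). */
int count_disagreements(void)
{
    struct { unsigned int a, b; bool expect; } cases[] = {
        {0, 0, false},
        {0, UINT_MAX, false},             /* a == 0: the a > 0 guard is redundant */
        {UINT_MAX, 0, false},
        {1, UINT_MAX, true},
        {UINT_MAX, 1, true},
        {UINT_MAX, UINT_MAX, true},
        {UINT_MAX / 2, UINT_MAX / 2, false},        /* sums to UINT_MAX - 1 */
        {UINT_MAX / 2 + 1, UINT_MAX / 2 + 1, true}, /* sums to UINT_MAX + 1, wraps to 0 */
    };
    int disagreements = 0;
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++) {
        bool r1 = overflows_by_subtraction(cases[i].a, cases[i].b);
        bool r2 = overflows_by_wrap(cases[i].a, cases[i].b);
        bool r3 = overflows_by_builtin(cases[i].a, cases[i].b);
        if (r1 != cases[i].expect || r2 != cases[i].expect || r3 != cases[i].expect) {
            printf("disagreement at a=%u b=%u\n", cases[i].a, cases[i].b);
            disagreements++;
        }
    }
    return disagreements;
}

int main(void)
{
    unsigned int sum;
    if (checked_add_uint(UINT_MAX, 1, &sum))
        printf("sum = %u\n", sum);
    else
        printf("overflow has occurred\n");
    return count_disagreements();
}
```

Both hand-written tests are exact for unsigned operands because unsigned wraparound is defined by the C standard. The reason to prefer the `UINT_MAX - a` form, or the builtin, is that it generalises to signed types: `(a + b) < a` on `int` relies on an overflow that the standard leaves undefined, and optimising compilers do delete such checks.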

I believe OP was referring to carry-out, not overflow. Overflow occurs when the addition/subtraction of two signed numbers doesn't fit into the type's bit size minus 1 (the sign bit). For example, if an integer type has 32 bits, then adding 2147483647 (0x7FFFFFFF) and 1 gives us -2 (0x80000000).

So, the result fits into 32 bits and there is no carry-out. The true result should be 2147483648, but this doesn't fit into 31 bits. The CPU has no idea of signed/unsigned values, so it simply adds the bits together, where 0x7FFFFFFF + 1 = 0x80000000. So the carry out of bit #31 was added to bit #32 (1 + 0 = 1), which is actually the sign bit, changing the result from + to -.

Since the sign changed, the CPU would set the overflow flag to 1 and carry flag to 0.

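As an added example (not part of the answer above), the carry/overflow distinction it describes can be reproduced in portable C without touching the CPU flags: do the add on `uint32_t`, where wraparound is defined, and derive CF as the carry-out of bit 31 and OF as "both operands had the same sign bit and the result's sign bit differs". A 64-bit range check is included as an independent oracle for the signed case so the OF rule can be confirmed rather than trusted. The input pairs are constructed for this example.

```c
#include <inttypes.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* What a 32-bit ADD leaves behind: the wrapped bit pattern plus the two
 * flags an x86 ADD would set. carry (CF) is the carry-out of bit 31,
 * i.e. unsigned overflow; overflow (OF) is signed overflow. All
 * arithmetic is on uint32_t, which wraps mod 2^32 by definition, so
 * nothing here is undefined behaviour. */
struct add32_flags {
    uint32_t result;
    bool carry;
    bool overflow;
};

struct add32_flags add32(uint32_t a, uint32_t b)
{
    struct add32_flags f;
    f.result = a + b;
    /* Carry-out of bit 31: the wrapped sum is smaller than an operand. */
    f.carry = f.result < a;
    /* OF rule: ~(a ^ b) has bit 31 set when a and b share a sign bit,
     * (a ^ result) has bit 31 set when the sign bit changed. */
    f.overflow = (((~(a ^ b)) & (a ^ f.result)) >> 31) != 0;
    return f;
}

/* Independent definition of signed overflow: widen to 64 bits and check
 * the int32_t range. Used to confirm the bit-level OF rule above. */
bool signed_add_overflows(int32_t a, int32_t b)
{
    int64_t wide = (int64_t)a + (int64_t)b;
    return wide > INT32_MAX || wide < INT32_MIN;
}

/* True when add32's OF agrees with the 64-bit range check for these
 * signed operands (int32_t -> uint32_t conversion is defined mod 2^32). */
bool flags_agree(int32_t a, int32_t b)
{
    struct add32_flags f = add32((uint32_t)a, (uint32_t)b);
    return f.overflow == signed_add_overflows(a, b);
}

int main(void)
{
    /* Constructed cases: the two from the answer above, one where both
     * flags are set, and one where neither is. */
    uint32_t cases[][2] = {
        {0x7FFFFFFFu, 1u},          /* INT32_MAX + 1: OF=1, CF=0 */
        {0xFFFFFFFFu, 1u},          /* UINT32_MAX + 1 (or -1 + 1): CF=1, OF=0 */
        {0x80000000u, 0x80000000u}, /* INT32_MIN + INT32_MIN: CF=1, OF=1 */
        {0x12345678u, 1u},          /* ordinary add: CF=0, OF=0 */
    };
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++) {
        struct add32_flags f = add32(cases[i][0], cases[i][1]);
        printf("0x%08" PRIX32 " + 0x%08" PRIX32 " = 0x%08" PRIX32 "  CF=%d OF=%d\n",
               cases[i][0], cases[i][1], f.result, (int)f.carry, (int)f.overflow);
    }
    return 0;
}
```

The practical consequence for the question: which flag matters depends on how the caller interprets the bits. For `unsigned int` the carry test (`result < a`, or `b > UINT_MAX - a`) is the right one; for `int` the OF-style check is needed, and it has to be done before the add, or on a wider type as `signed_add_overflows` does, because a signed add that overflows is undefined behaviour in C.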