Hot lava: A case study in hunting for network integer arithmetic flaws
Blog post from GitHub
The post examines a class of security vulnerabilities rooted in integer arithmetic, which is especially dangerous in memory-unsafe languages such as C, using the ntop Deep Packet Inspection toolkit (nDPI) as a case study. It shows how attacker-controlled input, such as integer values read from a remote packet, can push length and offset calculations past their bounds, so that a wrapped or truncated integer becomes a memory overflow and, potentially, remote code execution (RCE). The analysis identifies specific flaws in nDPI's SSH and Postgres protocol dissectors, where integer overflow allows a controlled remote heap overflow and out-of-bounds reads that result in denial of service (DoS). These issues were reported and fixed, but further scrutiny turned up additional vulnerabilities caused by platform-specific integer handling. The post stresses the value of thorough code audits and of tools such as CodeQL for finding recurring vulnerable patterns, and it advocates defensive programming and careful review of every integer operation that touches untrusted data.
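The wrap-around described above, as an added example that is not code from the original post or from nDPI: a generic parser for a length-prefixed field in C (the layout mirrors the SSH "string" encoding of a 4-byte big-endian length followed by that many bytes), with the bounds check written in the form that wraps beside its hardened form. The packets, function names and buffer sizes are constructed for illustration and are assumptions, not anything taken from nDPI.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Read a big-endian 32-bit length field (SSH "string" style). */
static uint32_t read_be32(const uint8_t *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8)  |  (uint32_t)p[3];
}

/* Vulnerable pattern: the check adds an attacker-controlled length to the
 * current offset in 32-bit arithmetic.  When offset + len exceeds
 * UINT32_MAX the sum wraps to a small value, the check passes, and the
 * caller goes on to read or copy 'len' bytes past the end of the packet. */
bool field_in_bounds_vuln(uint32_t pkt_len, uint32_t offset, uint32_t len)
{
    return offset + len <= pkt_len;
}

/* Hardened pattern: never compute offset + len.  Establish offset <= pkt_len
 * first, then compare len against the bytes that remain; the subtraction
 * cannot underflow once the first check holds. */
bool field_in_bounds_safe(uint32_t pkt_len, uint32_t offset, uint32_t len)
{
    if (offset > pkt_len)
        return false;
    return len <= pkt_len - offset;
}

/* Copy one length-prefixed field found at 'offset' into 'out' using the
 * hardened check.  Returns the field length, or -1 if the packet is
 * malformed or the field does not fit in 'out'. */
int64_t dissect_field(const uint8_t *pkt, uint32_t pkt_len, uint32_t offset,
                      uint8_t *out, size_t out_cap)
{
    if (!field_in_bounds_safe(pkt_len, offset, 4))  /* room for the length */
        return -1;
    uint32_t len = read_be32(pkt + offset);
    offset += 4;                      /* cannot wrap: offset + 4 <= pkt_len */
    if (!field_in_bounds_safe(pkt_len, offset, len))
        return -1;
    if (len > out_cap)                /* destination buffer is a bound too */
        return -1;
    memcpy(out, pkt + offset, len);
    return (int64_t)len;
}

/* Constructed packets (not real captures).  GOOD_PKT carries length 5 and
 * "hello".  EVIL_PKT claims a length of 0xFFFFFFFC with 4 bytes of body, so
 * offset(4) + len wraps to exactly 0 in 32-bit arithmetic. */
static const uint8_t GOOD_PKT[] = {0, 0, 0, 5, 'h', 'e', 'l', 'l', 'o'};
static const uint8_t EVIL_PKT[] = {0xFF, 0xFF, 0xFF, 0xFC, 'A', 'B', 'C', 'D'};
static uint8_t scratch[16];

/* Returns 0 when both checks behave as described above, nonzero otherwise. */
int run_demo(void)
{
    uint32_t evil_len = read_be32(EVIL_PKT);
    bool wrapped = field_in_bounds_vuln(sizeof EVIL_PKT, 4, evil_len);
    bool blocked = !field_in_bounds_safe(sizeof EVIL_PKT, 4, evil_len);
    int64_t n = dissect_field(GOOD_PKT, sizeof GOOD_PKT, 0, scratch, sizeof scratch);
    int64_t e = dissect_field(EVIL_PKT, sizeof EVIL_PKT, 0, scratch, sizeof scratch);
    return (wrapped && blocked && n == 5 && e == -1) ? 0 : 1;
}

int main(void)
{
    printf("vulnerable check accepts hostile length: %s\n",
           field_in_bounds_vuln(sizeof EVIL_PKT, 4, read_be32(EVIL_PKT)) ? "yes" : "no");
    printf("hardened check accepts hostile length:   %s\n",
           field_in_bounds_safe(sizeof EVIL_PKT, 4, read_be32(EVIL_PKT)) ? "yes" : "no");
    return run_demo();
}
```

The hostile length is chosen so the wrapped sum is zero, but any length in the range UINT32_MAX - offset + 1 and up produces the same effect; the fix is to compare the length against the remaining bytes rather than ever forming the sum, and to keep the same discipline for every intermediate offset the dissector advances.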