How to detect integer overflow in C/C++?

Integer overflow occurs when an arithmetic operation produces a result that exceeds the maximum value that can be stored in the data type. Detecting overflow before it happens is crucial for preventing undefined behavior and security vulnerabilities in C programs.

Syntax

// For addition overflow detection
if (a > MAX_VALUE - b) {
    // Overflow would occur
}

// For unsigned addition
if (result < operand1 || result < operand2) {
    // Overflow occurred
}

Method 1: Pre-computation Check for Signed Integers

The safest approach is to check for overflow before performing the operation −

#include <stdio.h>
#include <limits.h>

int safeAdd(int a, int b, int *result) {
    if (a > 0 && b > 0 && a > INT_MAX - b) {
        printf("Overflow detected: %d + %d would exceed INT_MAX\n", a, b);
        return 0; // Overflow
    }
    if (a < 0 && b < 0 && a < INT_MIN - b) {
        printf("Underflow detected: %d + %d would be less than INT_MIN\n", a, b);
        return 0; // Underflow
    }
    *result = a + b;
    return 1; // Success
}

int main() {
    int result;
    
    if (safeAdd(2000000000, 500000000, &result)) {
        printf("Result: %d\n", result);
    }
    
    if (safeAdd(INT_MAX, 1, &result)) {
        printf("Result: %d\n", result);
    }
    
    return 0;
}

Result: -1794967296
Overflow detected: 2147483647 + 1 would exceed INT_MAX

Method 2: Post-computation Check for Unsigned Integers

For unsigned integers, you can detect overflow after the operation by checking if the result is smaller than either operand −

#include <stdio.h>
#include <limits.h>

int detectUnsignedOverflow(unsigned int x, unsigned int y) {
    unsigned int result = x + y;
    
    if (result < x || result < y) {
        printf("Overflow detected: %u + %u = %u (wrapped around)\n", x, y, result);
        return 1; // Overflow occurred
    }
    
    printf("No overflow: %u + %u = %u\n", x, y, result);
    return 0; // No overflow
}

int main() {
    unsigned int x = UINT_MAX - 5;
    unsigned int y = 10;
    
    detectUnsignedOverflow(100, 200);
    detectUnsignedOverflow(x, y);
    
    return 0;
}

No overflow: 100 + 200 = 300
Overflow detected: 4294967290 + 10 = 4 (wrapped around)

Method 3: Using Compiler Built-ins

Modern compilers like GCC provide built-in functions for overflow detection −

#include <stdio.h>

int checkOverflowBuiltin(int a, int b) {
    int result;
    
    /* Note: __builtin_add_overflow is a GCC extension */
    if (__builtin_add_overflow(a, b, &result)) {
        printf("Overflow detected using built-in function\n");
        return 1;
    }
    
    printf("Safe addition: %d + %d = %d\n", a, b, result);
    return 0;
}

int main() {
    checkOverflowBuiltin(1000, 2000);
    checkOverflowBuiltin(2147483647, 1);
    
    return 0;
}

Safe addition: 1000 + 2000 = 3000
Overflow detected using built-in function

Note: The __builtin_add_overflow function is a GCC compiler extension and may not be available on all compilers.

Key Points

• Pre-computation checks are safer and prevent undefined behavior entirely.
• Unsigned overflow is well-defined (wraps around), making post-computation detection reliable.
• Signed overflow causes undefined behavior, so pre-computation checks are essential.
• Compiler built-ins provide optimized overflow detection but are not portable.

Conclusion

The safest approach is to check for overflow before performing arithmetic operations. For unsigned integers, post-computation checks work reliably due to well-defined wrap-around behavior, while signed integers require pre-computation validation to avoid undefined behavior.