DOCSLIB.ORG

Secure Programming

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Secure Programming SECURE PROGRAMMING A.A. 2018/2019 INTEGER SECURITY System, Social and Mobile Security SECURITY FLAWS The integers are formed by the natural numbers including 0 (0, 1, 2, 3, . .) together with the negatives of the nonzero natural numbers (–1, –2, –3, . .). Integers represent a growing and underestimated source of vulnerabilities in C programs, primarily because boundary. When developing secure systems, we cannot assume that a program will operate normally, given a range of expected inputs, because attackers are looking for input values that produce an abnormal effect. System, Social and Mobile Security REPRESENTATION So, how are integer represented in C? Sign magnitude or two’s complement? System, Social and Mobile Security TWO’S COMPLEMENT Binary value Two's complement Unsigned 00000000 0 0 00000001 1 1 ⋮ ⋮ ⋮ 01111110 126 126 01111111 127 127 10000000 −128 128 10000001 −127 129 10000010 −126 130 ⋮ ⋮ ⋮ 11111110 −2 254 11111111 −1 255 In two's-complement, there is only one zero, represented as 00000000. Negating a number (whether negative or positive) is done by inverting all the bits and then adding one to that result System, Social and Mobile Security HOW TO GET THE COMPLEMENTARY From a number to its complement: from 5 to -5 Flip all the bits and then + 1 0000 0101 (value 5) ü1111 1010 (flip) ü1111 1011 (+1) You can do the inverse algorithm: when an integer number starts with 1 it means that it is negative ü1111 1011 value (-5) ü1111 1010 (-1) ü0000 0101 (flip) System, Social and Mobile Security HOW MANY NUMBERS CAN I REPRESENT? With n bits üFrom (-2N−1) to (2N−1 − 1) ü There is no “-0”, so it is possible to represent one more negative number For instance, with 8 bits, üfrom -128 to + 127 1000 0000 0111 1111 The rule in the previous slide to get the complimentary does not work because 128 is not representable with 8 bits in two’s complement System, Social and Mobile Security OPERATION EXAMPLES Ok! 11111 111 (carry) 0000 1111 (15) 0000 1111 (15) + 1111 1011 (−5) + 1111 1011 (−5) ================== 0000 1010 (10) arithmetic overflow! 0111 (carry) 0111 (7) 0111 (7) + 0011 (3) + 0011 (3) ============= 1010 (−6) invalid! Ok! 11110 000 (borrow) 0000 1111 (15) 0000 1111 (15) − 1111 1011 (−5) − 1111 1011 (−5) =========== 0001 0100 (20) System, Social and Mobile Security UNSIGNED TYPES System, Social and Mobile Security WRAPAROUND A computation involving unsigned operands can never overflow, because a result that cannot be represented by the resulting unsigned integer type is reduced modulo the number that is 1 greater than the largest value that can be represented by the resulting type. System, Social and Mobile Security EXAMPLE System, Social and Mobile Security EXAMPLE for (unsigned i = n; --i >= 0; ) // will never terminate This type of software failure occurred on Saturday, December 25, 2004, when Comair halted all operations and grounded 1,100 flights after a crash of its flight-crew- scheduling software. The software failure was the result of a 16-bit counter that limits the number of changes to 32,768 in any given month. Storms earlier in the month caused many crew reassignments, and the 16-bit value was exceeded. System, Social and Mobile Security CHECKS System, Social and Mobile Security CHECKS System, Social and Mobile Security OPERATORS AND WRAPS System, Social and Mobile Security SIGNED TYPES System, Social and Mobile Security SIGNED TYPES In C, each unsigned integer type, excluding the type _Bool, has a corresponding signed integer type that occupies the same amount of storage. üsigned char üshort int üint ülong int ülong long int System, Social and Mobile Security WHY SO MANY SIGNED TYPES? Most integer variables are used as sizes, counters, or indices that require only nonnegative values. So why not declare them as unsigned integers that have a greater range of positive values? One possible explanation is the lack of an exception- handling mechanism in C. As a result, C programmers have developed various mechanisms for returning status from functions. System, Social and Mobile Security WRAP WHEEL Two’s complement System, Social and Mobile Security FROM GREATEST TO LOWEST System, Social and Mobile Security EXAMPLES System, Social and Mobile Security TABLE OF OPERATORS System, Social and Mobile Security SIGNED AND UNSIGNED CHAR The CERT C Secure Coding Standard, “INT07-C. Use only explicitly signed or unsigned char type for numeric values” üIt is the only portable way to guarantee the signedness of the character types. System, Social and Mobile Security TYPE CONVERSIONS System, Social and Mobile Security HIERARCHY OF TYPES When arithmetic operands have different types, the implicit type conversion is governed by the types’ conversion rank. üAny two unsigned integer types have different conversion ranks. If one is wider than the other, then it has a higher rank. üEach signed integer type has the same rank as the corresponding unsigned type. üThe standard integer types are ranked in the order: • _Bool < char < short < int < long < long long üThe floating-point types are ranked in the following order: • float < double < long double üThe lowest-ranked floating-point type, float, has a higher rank than any integer type. üEnum have the same rank as int. System, Social and Mobile Security INTEGER PROMOTION In any expression, you can always use a value whose type ranks lower than int in place of an operand of type int or unsigned int. In these cases, the compiler applies integer promotion: any operand whose type ranks lower than int is automatically converted to the type int, provided int is capable of representing all values of the operand’s original type. If int is not sufficient, the operand is converted to unsigned int. Operations in the CPU are executed on 4 bytes at least System, Social and Mobile Security EXAMPLE 120 #include <stdio.h> int main() { char a = 30, b = 40, c = 10; char d = (a * b) / c; printf ("%d ", d); return 0; } at first look, the expression (a*b)/c seems to cause arithmetic overflow because signed characters can have values only from -128 to 127 (in most of the C compilers), and the value of subexpression ‘(a*b)’ is 1200 which is greater than 128. But integer promotion happens here in arithmetic done on char types and we get the appropriate result without any overflow. System, Social and Mobile Security WHAT DOES IT HAPPEN? The usual arithmetic conversions are applied as follows: üIf either operand has a floating-point type, then the operand with the lower conversion rank is converted to a type with the same rank as the other operand. Real types are converted only to real types. üIf both operands are integers, integer promotion is first performed on both operands. If after integer promotion the operands still have different types, conversion continues as follows: • If one operand has an unsigned type T whose conversion rank is at least as high as that of the other operand’s type, then the other operand is converted to type T. • Otherwise, one operand has a signed type T whose conversion rank is higher than that of the other operand’s type. The other operand is converted to type T only if type T is capable of representing all values of its previous type. If not, then both operands are converted to the unsigned type that corresponds to the signed type T. System, Social and Mobile Security int x = 0; EXAMPLES int i = -1; unsigned int limit = 200U; long n = 30L; if ( i < limit ) x = limit * n; printf(“%d\n”, x); 0 In this example, to evaluate the comparison in the if condition, the value of i, –1, must first be converted to the type unsigned int. The result is a large positive number (next slide). Hence, the if condition is false. In the if, the value of limit is converted to n’s type, long, if the value range of long contains the whole value range of unsigned int. If not— for example, if both int and long are 32 bits wide—then both multiplicands are converted to unsigned long. System, Social and Mobile Security CONVERSIONS TO UNSIGNED INTEGER TYPES Integer values are always preserved if they are within the range of the new unsigned type üBetween 0 and Utype_MaX For values outside the new unsigned type’s range, the value after conversion is the value obtained by adding (Utype_MAX + 1) as many times as necessary until the result is within the range of the new type. unsigned short n = 1000; // The value 1000 is within the range of // unsigned short n = -1; // the value –1 must be converted. –1 + (USHRT_MAX + 1) = USHRT_MAX, the final statement in the previous example is equivalent to n = USHRT_MAX; System, Social and Mobile Security INTEGER VULNERABILITIES System, Social and Mobile Security EXAMPLE JPEG COM Marker Processing Vulnerability in Netscape Browsers size_t is always an alias for an unsigned type What if 1 is passed as length? System, Social and Mobile Security CONVERSION ERRORS malloc() takes size_t as argument What if 1 negative? System, Social and Mobile Security TRUNCATION 65,500 chars for argv[1] 536 chars for argv[2] +1 = 65,537 an UINT_MaX is 65535 a string of 1 char is allocated: buffer overflow! System, Social and Mobile Security MITIGaTION STRATEGIES System, Social and Mobile Security ERRORS As we have seen, integer vulnerabilities result from integer type range errors. For example, integer overflows occur when integer operations generate a value that is out of range for a particular integer type. Truncation errors occur when a value is stored in a type that is too small to represent the result. Conversions, particularly those resulting from assignment or casts, can result in values that are out of the range of the resulting type.
Load more

Recommended publications
  • Type-Safe Composition of Object Modules*
    International Conference on Computer Systems and Education I ISc Bangalore Typ esafe Comp osition of Ob ject Mo dules Guruduth Banavar Gary Lindstrom Douglas Orr Department of Computer Science University of Utah Salt LakeCity Utah USA Abstract Intro duction It is widely agreed that strong typing in We describ e a facility that enables routine creases the reliability and eciency of soft typ echecking during the linkage of exter ware However compilers for statically typ ed nal declarations and denitions of separately languages suchasC and C in tradi compiled programs in ANSI C The primary tional nonintegrated programming environ advantage of our serverstyle typ echecked ments guarantee complete typ esafety only linkage facility is the ability to program the within a compilation unit but not across comp osition of ob ject mo dules via a suite of suchunits Longstanding and widely avail strongly typ ed mo dule combination op era able linkers comp ose separately compiled tors Such programmability enables one to units bymatching symb ols purely byname easily incorp orate programmerdened data equivalence with no regard to their typ es format conversion stubs at linktime In ad Such common denominator linkers accom dition our linkage facility is able to automat mo date ob ject mo dules from various source ically generate safe co ercion stubs for com languages by simply ignoring the static se patible encapsulated data mantics of the language Moreover com monly used ob ject le formats are not de signed to incorp orate source language typ e
    [Show full text]
  • 5. Data Types
    IEEE FOR THE FUNCTIONAL VERIFICATION LANGUAGE e Std 1647-2011 5. Data types The e language has a number of predefined data types, including the integer and Boolean scalar types common to most programming languages. In addition, new scalar data types (enumerated types) that are appropriate for programming, modeling hardware, and interfacing with hardware simulators can be created. The e language also provides a powerful mechanism for defining OO hierarchical data structures (structs) and ordered collections of elements of the same type (lists). The following subclauses provide a basic explanation of e data types. 5.1 e data types Most e expressions have an explicit data type, as follows: — Scalar types — Scalar subtypes — Enumerated scalar types — Casting of enumerated types in comparisons — Struct types — Struct subtypes — Referencing fields in when constructs — List types — The set type — The string type — The real type — The external_pointer type — The “untyped” pseudo type Certain expressions, such as HDL objects, have no explicit data type. See 5.2 for information on how these expressions are handled. 5.1.1 Scalar types Scalar types in e are one of the following: numeric, Boolean, or enumerated. Table 17 shows the predefined numeric and Boolean types. Both signed and unsigned integers can be of any size and, thus, of any range. See 5.1.2 for information on how to specify the size and range of a scalar field or variable explicitly. See also Clause 4. 5.1.2 Scalar subtypes A scalar subtype can be named and created by using a scalar modifier to specify the range or bit width of a scalar type.
    [Show full text]
  • Python Programming
    Python Programming Wikibooks.org June 22, 2012 On the 28th of April 2012 the contents of the English as well as German Wikibooks and Wikipedia projects were licensed under Creative Commons Attribution-ShareAlike 3.0 Unported license. An URI to this license is given in the list of figures on page 149. If this document is a derived work from the contents of one of these projects and the content was still licensed by the project under this license at the time of derivation this document has to be licensed under the same, a similar or a compatible license, as stated in section 4b of the license. The list of contributors is included in chapter Contributors on page 143. The licenses GPL, LGPL and GFDL are included in chapter Licenses on page 153, since this book and/or parts of it may or may not be licensed under one or more of these licenses, and thus require inclusion of these licenses. The licenses of the figures are given in the list of figures on page 149. This PDF was generated by the LATEX typesetting software. The LATEX source code is included as an attachment (source.7z.txt) in this PDF file. To extract the source from the PDF file, we recommend the use of http://www.pdflabs.com/tools/pdftk-the-pdf-toolkit/ utility or clicking the paper clip attachment symbol on the lower left of your PDF Viewer, selecting Save Attachment. After extracting it from the PDF file you have to rename it to source.7z. To uncompress the resulting archive we recommend the use of http://www.7-zip.org/.
    [Show full text]
  • Type Conversion ,Type Casting, Operator Precedence and Associativity in C
    Type Conversion ,Type Casting, Operator Precedence and Associativity in C Gaurav Kr. suman 4/30/20 MAT09 The type conversion in C is basically converting one type of data type to other to perform some operation. The conversion is done only between those datatypes wherein the conversion is possible There are two types of type conversion: This type of conversion is usually performed by the compiler when necessary without any commands by the user. Thus it is also called "Automatic Type Conversion". • Done by the compiler on its own, without any external trigger from the user. • Generally takes place when in an expression more than one data type is present. In such condition type conversion (type promotion) takes place to avoid lose of data. • All the data types of the variables are upgraded to the data type of the variable with largest data type. Now, let’s focus on some examples to further understand about type conversions in C. Example 1 int a = 20; double b = 20.5; a + b; Here, first operand is int type and other is of type double. So, as per rule, the variable a will be converted to double. Therefore, the final answer is double a + b = 40.500000. Example 2 char ch='a'; int a =13; a+c; Here, first operand is char type and other is of type int. So, as per rule , the char variable will be converted to int type during the operation and the final answer will be of type int. We know the ASCII value for ch is 97.
    [Show full text]
  • Object Oriented Pogramming with C++
    OBJECT ORIENTED POGRAMMING WITH C++ 1. What is type conversion? Type Conversion is the process of converting one predefined type into another type. When variables of one type are mixed with variables of another type, a type conversion will occur. C++ facilitates the type conversion into the following two forms: Implicit Type Conversion: An implicit type conversion is a conversion performed by the compiler without programmer's intervention. It is applied whenever different data types are intermixed in an expression, so as not to lose information short x=6000; int y; y=x; // data type short variable x is converted to int and is assigned to the integer variable y. Explicit Type Conversion: The explicit conversion of an operand to a specific type is called type casting. An explicit type conversion is user-defined that forces an expression to be of specific type. Syntax: (type) expression #include <iostream.h> void main( ) { int a; float b, c; cout << "Enter the value of a:"; cin >> a; cout << "Enter the value of b:"; cin >> b; c = float(a)+b; cout << "The value of c is:" << c; getch(); } In the above program “a” is declared as integer and “b” and “c” are declared as float. In the type conversion statement namely c = float (a) +b; The variable a of type integer is converted into float type and so the value 10 is converted as 10.0 and then is added with the float variable b with value 12.5 giving a resultant float variable c with value as 22.5 2. Why C++ is called OOP language? M.VIJAY .
    [Show full text]
  • VHDL Type Conversion | Bitweenie
    VHDL Type Conversion | BitWeenie http://www.bitweenie.com/listings/vhdl-type-conversion/ Home About Electrical Engineer Jobs Request Topic Resources Home » VHDL Type Conversion VHDL Type Conversion Posted by Shannon Hilbert in Verilog / VHDL on 2-10-13 Any given VHDL FPGA design may have multiple VHDL types being used. The most common VHDL types used in synthesizable VHDL code are std_logic, std_logic_vector, signed, unsigned, and integer. Because VHDL is a strongly-typed language, most often differing types cannot be used in the same expression. In cases where you can directly combine two types into one expression, you are really leaving it up to the compiler or synthesis tool to determine how the expression should behave, which is a dangerous thing to do. This article will discuss the following concepts: 1. Type casting and conversion functions. 2. The importance of using the appropriate type. 3. Common uses and examples. VHDL Type Cast and Conversion Functions The picture below illustrates how to convert between the most common VHDL types. Type casting is used to move between the std_logic_vector type and the signed and unsigned types. 1 --signal definitions 2 signal slv : std_logic_vector(7 downto 0); 3 signal s : signed(7 downto 0); 4 signal us : unsigned(7 downto 0); 5 6 --FROM std_logic_vector TO signed/unsigned 1 de 5 07/10/2015 14:58 VHDL Type Conversion | BitWeenie http://www.bitweenie.com/listings/vhdl-type-conversion/ 7 sgn <= signed(slv); 8 usgn <= unsigned(slv); 9 10-- FROM signed/unsigned TO std_logic_vector 11svl <= std_logic_vector(sgn); 12svl <= std_logic_vector(usgn); Functions are used to move between signed and unsigned types and the integer type.
    [Show full text]
  • N1592 Explicit Conversion Operators
    Document Number: SC22/WG21/N1592=04-0032 Date: 2004-2-13 Author: Lois Goldthwaite Email: [email protected] Explicit Conversion Operators This paper proposes a small change in C++ grammar to permit the function-specifier 'explicit' to be applied to the definition of a user-defined conversion operator. The semantic effect is to inhibit automatic conversions in situations where they may not have been intended. The Problem One of the design principles of C++ is that the language does not enforce a different syntax for user-defined types and built-in primitive types. A variable of either category can be passed by value (assuming the programmer has not intentionally disabled this), and a variable of any type can be passed by reference. The compiler will perform automatic promotions and conversions, if necessary, when numeric types are used as function parameters or when differing types are combined with an operator (int to long, signed to unsigned, float to double, etc.). Similarly, the programmer can write conversion functions for user-defined types, so that the conversions will take place transparently. This is a feature, and A Good Thing, as it decreases the number of overloaded functions which would otherwise be needed (D&E 3.6.1). In Modern C++ Design, Alexandrescu says, "User-defined conversions in C++ have an interesting history. Back in the 1980s, when user-defined conversions were introduced, most programmers considered them a great invention. User-defined conversions promised a more unified type system, expressive semantics, and the ability to define new types that were indistinguishable from built-in ones.
    [Show full text]
  • Polymorphism
    Polymorphism A closer look at types.... Chap 8 polymorphism º comes from Greek meaning ‘many forms’ In programming: Def: A function or operator is polymorphic if it has at least two possible types. Polymorphism i) OverloaDing Def: An overloaDeD function name or operator is one that has at least two Definitions, all of Different types. Example: In Java the ‘+’ operator is overloaDeD. String s = “abc” + “def”; +: String * String ® String int i = 3 + 5; +: int * int ® int Polymorphism Example: Java allows user DefineD polymorphism with overloaDeD function names. bool f (char a, char b) { return a == b; f : char * char ® bool } bool f (int a, int b) { f : int * int ® bool return a == b; } Note: ML Does not allow function overloaDing Polymorphism ii) Parameter Coercion Def: An implicit type conversion is calleD a coercion. Coercions usually exploit the type-subtype relationship because a wiDening type conversion from subtype to supertype is always DeemeD safe ® a compiler can insert these automatically ® type coercions. Example: type coercion in Java Double x; x = 2; the value 2 is coerceD from int to Double by the compiler Polymorphism Parameter coercion is an implicit type conversion on parameters. Parameter coercion makes writing programs easier – one function can be applieD to many subtypes. Example: Java voiD f (Double a) { ... } int Ì double float Ì double short Ì double all legal types that can be passeD to function ‘f’. byte Ì double char Ì double Note: ML Does not perform type coercion (ML has no notion of subtype). Polymorphism iii) Parametric Polymorphism Def: A function exhibits parametric polymorphism if it has a type that contains one or more type variables.
    [Show full text]
  • Primitive Data, Variables, and Expressions; Simple Conditional Execution
    Unit 2, Part 1 Primitive Data, Variables, and Expressions; Simple Conditional Execution Computer Science S-111 Harvard University David G. Sullivan, Ph.D. Overview of the Programming Process Analysis/Specification Design Implementation Testing/Debugging Example Problem: Adding Up Your Change • Let's say that we have a bunch of coins of various types, and we want to figure out how much money we have. • Let’s begin the process of developing a program that does this. Step 1: Analysis and Specification • Analyze the problem (making sure that you understand it), and specify the problem requirements clearly and unambiguously. • Describe exactly what the program will do, without worrying about how it will do it. Step 2: Design • Determine the necessary algorithms (and possibly other aspects of the program) and sketch out a design for them. • This is where we figure out how the program will solve the problem. • Algorithms are often designed using pseudocode. • more informal than an actual programming language • allows us to avoid worrying about the syntax of the language • example for our change-adder problem: get the number of quarters get the number of dimes get the number of nickels get the number of pennies compute the total value of the coins output the total value Step 3: Implementation • Translate your design into the programming language. pseudocode code • We need to learn more Java before we can do this! • Here's a portion or fragment of a Java program for computing the value of a particular collection of coins: quarters = 10; dimes = 3; nickels = 7; pennies = 6; cents = 25*quarters + 10*dimes + 5*nickels + pennies; System.out.println("Your total in cents is:"); System.out.println(cents); • In a moment, we'll use this fragment to examine some of the fundamental building blocks of a Java program.
    [Show full text]
  • Operator Overloading, Friend Functions/Classes
    Chapter 8 Operator Overloading, Friends, and References Learning Objectives Basic Operator Overloading Unary operators As member functions Friends and Automatic Type Conversion Friend functions, friend classes Constructors for automatic type conversion References and More Overloading << and >> Operators: = , ++, -- Operator Overloading Introduction Operators +, -, %, ==, etc. Really just functions! Simply ‘called’ with different syntax: x + 7 ‘+’ is binary operator with x & 7 as operands We ‘like’ this notation as humans Think of it as: +(x, 7) ‘+’ is the function name x, 7 are the arguments Function ‘+’ returns ‘sum’ of it’s arguments Operator Overloading Perspective Built-in operators e.g.: +, -, = , %, ==, /, * Already work for C++ built-in types In standard ‘binary’ notation We can overload them! To work with OUR types! To add ‘Chair types’, or ‘Money types’ As appropriate for our needs In ‘notation’ we’re comfortable with Always overload with similar ‘actions’! Overloading Basics Overloading operators VERY similar to overloading functions Operator itself is ‘name’ of function Example Declaration: const Money operator +( const Money& amount1, const Money& amount2); Overloads + for operands of type Money Uses constant reference parameters for efficiency Returned value is type Money Allows addition of ‘Money’ objects Overloaded ‘+’ Given previous example: Note: overloaded ‘+’ NOT member function Definition is ‘more involved’ than simple ‘add’ Requires issues of money type addition Must handle
    [Show full text]
  • Type Conversion Type Conversion
    1.3b Type Conversion Type Conversion When we write expressions involved data that involves two different data types , such as multiplying an integer and floating – point number, we need to perform a type conversion…. Two type of conversions mainly Implicit type conversion Explicit type conversion Implicit Type Conversion When the types of the two operands in a binary expression are different,C automatically converts one type to another which is known as Implicit Type Conversion. Some of the simple conversions are : Conversion Rank Conversions in Assignment Expressions Promotion Demotion Conversion in other Binary Expressions Conversion Rank In C , we assign a rank to the integral and floating point arithmetic types Real 9.long double 10.double 11.float Conversion Rank Integer 6.long long 5.long 4. int 3. short Character 2. Char Boolean 1. Bool Conversions in Assignment Expressions A simple assignment involves an assignment operator and two operands Depending on the difference in the rank, C tries to either promote or demote the right expression to make it the same rank as the left variable. Promotion occurs if the right expression has lower rank Demotion occurs if the right expression has a higher rank Promotion The rank of the left expression is elevated to the rank of the left variable The value of the expression is the value of the right expression after the promotion bool b = true; char c = ‘A’; int i = 1234; long double d = 3458.0004 c = b; //Value of c is SOH i = c; //Value of i is 65 d = b; //Value of d is 1.0 d = i; //Value of d is 1234.0 Demotion If the size of the variable at the left side can accommodate the value of the expression, there is no problem An integral or real value can be assigned to a Boolean Type.
    [Show full text]
  • Chapter 6 Data Types
    Chapter 6 Data Types • Introduction • Type Nomenclature • Primitive Types • Type constructors – Ordinal Types – Structured Types • Type Checking • Type conversion CSCI325 Chapter 6 Dr Ahmed Rafea 1 Introduction Evolution of Data Types: FORTRAN I (1956) - INTEGER, REAL, arrays … Ada (1983) - User can create a unique type for every category of variables in the problem space and have the system enforce the types Def: A descriptor is the collection of the attributes of a variable Def: A data type is a set of values, together with a set of operations on those values having certain properties CSCI325 Chapter 6 Dr Ahmed Rafea 2 Type Nomenclature C Types Basic Derived Void Numeric Pointer Array Function struct union Integral Floating Float (signed) enum Double (unsigned) Long double char Int Short int Long int CSCI325 Chapter 6 Dr Ahmed Rafea 3 Primitive Data Types Integer - Almost always an exact reflection of the hardware, so the mapping is trivial - There may be as many as eight different integer types in a language Floating Point - Model real numbers, but only as approximations - Languages for scientific use support at least two floating-point types; sometimes more - Usually exactly like the hardware, but not always; Decimal - For business applications (money) - Store a fixed number of decimal digits (coded) - Advantage: accuracy - Disadvantages: limited range, wastes memory Boolean - Could be implemented as bits, but often as bytes - Advantage: readability CSCI325 Chapter 6 Dr Ahmed Rafea 4 Ordinal Types (user defined) An ordinal type is one in which the range of possible values can be easily associated with the set of positive integers 1.
    [Show full text]