New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Safemath add function integer overflow check #365

hh3755 opened this Issue Aug 13, 2017 · 1 comment


None yet
2 participants
Copy link

hh3755 commented Aug 13, 2017

Here assert(c >= a); should we check a and b both for a unsigned integer overflow ?

Maybe I missed something, If I'm wrong,please pointing out,thank you.


This comment has been minimized.

Copy link

frangio commented Aug 13, 2017

Hi @hh3755! Thanks for the reaching out.

It actually suffices to check that c >= a. A small proof follows.

We will see that it cannot be that there is overflow and c >= a is true. Suppose there is overflow, then under the usual arithmetic c = a + b - M (where M = 2**256 is the maximum uint256 plus one), because the addition wraps around. If c >= a we can replace to get a + b - M >= a. Cancelling and reordering terms we get b >= M, but this is a contradiction because b is a uint256 and thus b < M.

@hh3755 hh3755 closed this Aug 20, 2017

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment