Is it possible to overflow uints?

Question

The Ethereum token tutorial has a check for a uint256 overflow.

function transfer(address _to, uint256 _value) {
    /* Check if sender has balance and for overflows */
    if (balanceOf[msg.sender] < _value || balanceOf[_to] + _value < balanceOf[_to])
        throw;

    /* Add and subtract new balances */
    balanceOf[msg.sender] -= _value;
    balanceOf[_to] += _value;
}

I haven't found references elsewhere to guarding against uint overflows or security flaws in contracts because of them. It seems like both would be common if this was an issue.

Answer 1

Yep. Here's an example of uint overflow and underflow.

contract C {
    // (2**256 - 1) + 1 = 0
    function overflow() returns (uint256 _overflow) {
        uint256 max = 2**256 - 1;
        return max + 1;
    }
// 0 - 1 = 2**256 - 1
function underflow() returns (uint256 _underflow) {
    uint256 min = 0;
    return min - 1;
}

}

You can execute the code here: https://remix.ethereum.org/#version=soljson-latest.js&gist=30378c5375f388a28572dd18d58f787f

Answer 2

Yes, overflow is possible, and be especially careful when using var for example:

In for (var i = 0; i < arrayName.length; i++) { ... }, the type of i will be uint8, because this is the smallest type that is required to hold the value 0. If the array has more than 255 elements, the loop will not terminate.

Using uint i (256 bits) avoids the problem.

Note: The EVM doesn't allow for infinite computation, so the loop will consume all gas and the transaction will be terminated, with fees still being paid to the miner.

Answer 3

Since solidity v0.8.0+ it is not possible to overflow or underflow uints anymore.

If you check @Noah Thorp's answer, you will see solidity will revert and throw an error.

Straight from the docs:

Arithmetic operations revert on underflow and overflow. You can use unchecked { ... } to use the previous wrapping behaviour.

This is now done automatically!