Data Types & Ranges Cheat Sheet (C / Linux)
This table focuses on C programming on Linux architectures (GCC), highlighting system types critical for understanding Type Confusion, Integer Overflows, and Memory Corruption.
| Data Type | Size (Bytes) (32-bit / 64-bit) | Approximate Range | Format Specifier | Pwnable / Security Notes |
|---|---|---|---|---|
| BASIC INTEGERS | ||||
char / signed char | 1 | -128 to 127 | %c, %hhd | Watch out for Sign Extension bugs when casting to int. |
unsigned char | 1 | 0 to 255 | %c, %hhu | Used for raw bytes, buffers, and shellcode. |
short (signed) | 2 | -32,768 to 32,767 | %hd | |
unsigned short | 2 | 0 to 65,535 | %hu | Standard size for Network Ports. |
int (signed) | 4 | -2B to +2B | %d | Integer Overflow mostly happens here. |
unsigned int | 4 | 0 to ~4.29B | %u, %x | Logic bug: -1 (signed) is interpreted as MAX_INT (unsigned). |
long (signed) | 4 / 8 | Arch dependent | %ld | Note: On Windows 64-bit, long is still 4 bytes. |
unsigned long | 4 / 8 | Arch dependent | %lu, %lx | |
long long | 8 | Huge ($2^{63}$) | %lld | |
| FIXED WIDTH | (<stdint.h>) | Use for precise byte control in exploits | ||
int8_t / uint8_t | 1 | Same as char | PRId8 | |
int16_t / uint16_t | 2 | Same as short | PRId16 | |
int32_t / uint32_t | 4 | Same as int | PRId32 | Common in binary file headers/structures. |
int64_t / uint64_t | 8 | Same as long long | PRId64 | |
| SYSTEM & POINTERS | Critical for Heap/Stack Overflow | |||
size_t (Unsigned) | 4 / 8 | 0 to MAX | %zu | Used for malloc, strlen. Never negative. |
ssize_t (Signed) | 4 / 8 | -1 to MAX | %zd | Used for read/write. Can be negative (-1) to signal error. |
void * (Pointer) | 4 / 8 | Memory Address | %p | Size changes based on CPU architecture. |
intptr_t | 4 / 8 | Fits 1 pointer | %p | Safe type for pointer arithmetic (+/- addresses). |
| FLOATING POINT | ||||
float | 4 | ~7 digits | %f | |
double | 8 | ~15 digits | %lf |