# Magic Numbers: Integers

Josh Poley

Microsoft Corporation

# Introduction

In testing software, we often miss an entire class of bugs just because we don't happen to think about one category of inputs and how they might adversely affect the system. To help combat this in with my own tests, I've pulled together a listing of numbers which are good to use in testing for various independent reasons.

At the very least, here are some free numbers which you can stick into your tests; pick the ones that make sense and add them to your regression tests. But better yet, you can use some of these numbers as a brainstorm to help spurn ideas about other classes of values to test in your application. To give you a brief sample, here are some of the categories covered here:

• Common character values
• Common boundaries
• Times and dates
• Colors
• Security - We cover values that often lead to overflow attacks, as well as characters used in cross site scripting and SQL injection attacks.
• Primes - Prime numbers are good because they can't be divided up nicely.

You may also want to treat the below numbers as boundaries themselves. Depending on your application it might make sense to not only supply the value listed here, but also add or subtract 1 from the number.

# 8 bit Integers (0 - 255)

 Value Hex Description 0 0x00 Zero. False. Terminating NULL character. 1 0x01 One. 2 0x02 Two. 3 0x03 Prime. 4 0x04 Four. Size of a 32 bit integer or pointer. 2^2. 5 0x05 Five fingers. Prime. 7 0x07 2^3 - 1. Largest single digit octal value. Seven days in a week. Prime. 8 0x08 2^3. 10 0x0A Humans usually think in decimal, so arrays, lists, etc. are often a multiple of ten. 15 0x0F 2^4 - 1. Largest single digit hexadecimal value. 16 0x10 2^4. 24 0x18 Hours in a day. 32 0x20 2^5. 34 0x22 Numerical value for the double quote ASCII character which is often used in cross site scripting attacks. 37 0x25 Numerical value for the ASCII character '%' which is an escape sequence in URLs and the C run time library. 38 0x26 Numerical value for the ASCII character '&' which is often used in cross site scripting attacks. 39 0x27 Numerical value for the single quote ASCII character which is often used in cross site scripting attacks. 42 0x2A Aside from a book/movie reference, developers often use this as an arbitrary value. 48 0x30 Numerical value for the ASCII character '0' (zero). 52 0x34 Number of weeks in a year. 59 0x3B Numerical value for the ASCII character ';' which is often used in SQL injection and cross site scripting attacks. 60 0x3C Number of seconds in a minute. Number of minutes in an hour. Numerical value for the ASCII character '<' which is often used in cross site scripting attacks. 62 0x3E Numerical value for the ASCII character '>' which is often used in cross site scripting attacks. 64 0x40 26. 65 0x41 Numerical value for the ASCII character 'A'. 2^6 + 1. 85 0x55 Repeating "01" bit pattern. 90 0x5A 90 degrees. 97 0x61 Numerical value for the ASCII character 'a'. 99 0x63 Two nines. Largest 2 digit value. 100 0x64 100. 127 0x7F 2^7 - 1. The maximum signed 8 bit value. Largest 7 bit prime. Last character in the standard ASCII character map. 128 0x80 2^7. 170 0xAA Repeating "10" bit pattern. 204 0xCC x86 assembly instruction, if executed, halts the process ("int 3"). 251 0xFB Largest 8 bit prime. 255 0xFF The maximum unsigned 8 bit value (2^8 - 1). Maximum filename length on several common file systems. Blue in a 24 bit RGB format.

## Raw List

```0, 1, 2, 3, 4, 5, 7, 8, 10, 15, 16, 24, 32, 34, 37, 38, 39, 42, 48, 52, 59, 60, 62, 64, 65, 85, 90, 97, 99, 100, 127, 128, 170, 204, 251, 255
```

# 16 bit Integers (256 - 65,535)

 Value Hex Description 256 0x0100 2^8. 257 0x0101 2^8 + 1. 260 0x0104 MAX_PATH. 360 0x0168 Number of degrees in a circle. 365 0x016D Number of days in a year. 512 0x0200 2^9. 1000 0x03E8 Number of milliseconds in a second. 1024 0x0400 Kilobyte. 2^10. 1601 0x0641 Year when time started according to the Windows FILETIME format. 1970 0x07B2 Year when time started according to the CRT time_t format. 1999 0x07CF Just before Y2K. 2004 0x07D4 A leap year. 2100 0x0834 Year divisible by four but is not actually a leap year. 3600 0x0E10 Number of seconds in an hour. 4095 0x0FFF 2^12 - 1. 4096 0x1000 4k. 2^12. Size of a page of memory on Windows. Common file system cluster size. 4097 0x1001 2^12 + 1. 9999 0x270F Four nines. Largest value under 10000. 16383 0x3FFF 2^14 - 1. 16384 0x4000 16k. 2^14. Common file system cluster size. 16385 0x4001 2^14 + 1. 32749 0x7FED Largest 15 bit prime. 32767 0x7FFF 2^15 - 1. The maximum signed 16 bit value. 32768 0x8000 32k. 2^15. On a 16 bit platform, this value times 2 (the size of an integer) will overflow to 0. 32769 0x8001 2^15 + 1. 65280 0xFF00 Green in a 24 bit RGB format. 65521 0xFFE1 Largest 16 bit prime. 65535 0xFFFF The maximum unsigned 16 bit value (2^16 - 1).

## Raw List

```256, 257, 260, 360, 365, 512, 1000, 1024, 1601, 1970, 1999, 2004, 2100, 3600, 4095, 4096, 4097, 9999, 16383, 16384, 16385, 32749, 32767, 32768, 32769, 65280, 65521, 65535
```

# 32 bit Integers (65,536 - 4,294,967,295)

 Value Hex Description 65536 0x00010000 2^16. 65537 0x00010001 2^16 + 1. 131072 0x00020000 128k. 1048576 0x00100000 Megabyte. 5550100 0x0054B014 Start of the fictional phone number range. 5550199 0x0054B077 End of the fictional phone number range. 16711680 0x00FF0000 Red in a 32 bit RGB format. 16777215 0x00FFFFFF White in a 24 bit RGB format. 999999999 0x3B9AC9FF Nine nines. Largest 32 bit value with all 9s. 1073741824 0x40000000 Gigabyte. On a 32 bit platform, this value times 4 (the size of an integer) will overflow to 0. 1431655765 0x55555555 Repeating 01 bit pattern. 2130706433 0x7F000001 Equivalent to 127.0.0.1 in a packed IP format (loop back address). 2147483647 0x7FFFFFFF The maximum signed 32 bit value. Largest 31 bit prime. 2851995649 0xA9FE0000 Equivalent to 169.254.0.1 in a packed IP format (auto IP address). 2863311530 0xAAAAAAAA Repeating 10 bit pattern. 3221225472 0xC0000000 Three gigabytes, which is the size of addressable memory when Windows applications use the /LARGEADDRESSAWARE linker switch. 4294967291 0xFFFFFFFB Largest 32 bit prime. 4294967295 0xFFFFFFFF The maximum unsigned 32 bit value (2^32 - 1).

## Raw List

```65536, 65537, 131072, 1048576, 5550100, 5550199, 16711680, 16777215, 999999999, 1073741824, 1431655765, 2130706433, 2147483647, 2851995649, 2863311530, 3221225472, 4294967291, 4294967295
```

# 64 bit Integers (4,294,967,296 - 18,446,744,073,709,551,615)

 Value Hex Description 4294967296 0x0000000100000000 2^32. 4294967297 0x0000000100000001 2^32 + 1. 36000000000 0x0000000861C46800 One hour in the Windows FILETIME format. 1099511627776 0x0000010000000000 Terabyte. 4222222222222 0x000003D7100E438E Visa test credit card number. 30569309025904 0x00001BCD78CE3670 Diners Club test credit card number. 38520000023237 0x00002308A2EB0AC5 Diners Club test credit card number. 371449635398431 0x000151D4DB91E31F American Express test credit card number. 378282246310005 0x0001580BB2EA8875 American Express test credit card number. 378734493671000 0x00015874FEF59E58 Corporate American Express test credit card number. 1125899906842624 0x0004000000000000 Petabyte. 3530111333300000 0x000C8A9E1809F720 JCB test credit card number. 3566002020360505 0x000CAB428BB12139 JCB test credit card number. 4012888888881881 0x000E41B380BEB2D9 Visa test credit card number. 4111111111111111 0x000E9B08A568F1C7 Visa test credit card number. 5105105105105100 0x00122310E854B0CC MasterCard test credit card number. 5555555555554444 0x0013BCBF936B348C MasterCard test credit card number. 5610591081018250 0x0013EECD885D338A Australian BankCard test credit card number. 6011000990139424 0x0155AF93AC304200 Discover test credit card number. 6011111111111117 0x0155B12DE7BB1CD0 Discover test credit card number. 1152921504606846976 0x1000000000000000 Exabyte. 2305843009213693952 0x2000000000000000 On a 64 bit platform, this value times 8 (the size of an integer) will overflow to 0. 9223372036854775783 0x7FFFFFFFFFFFFFE7 Largest 63 bit prime. 9223372036854775807 0x7FFFFFFFFFFFFFFF The maximum signed 64 bit value. 9999999999999999999 0x8AC7230489E7FFFF Nineteen nines. Largest 64 bit value with all 9s. 18446744073709551557 0xFFFFFFFFFFFFFFC5 Largest 64 bit prime. 18446744073709551615 0xFFFFFFFFFFFFFFFF The maximum unsigned 64 bit value.

## Raw List

```4294967296, 4294967297, 36000000000, 1099511627776, 4222222222222, 30569309025904, 38520000023237, 371449635398431, 378282246310005, 378734493671000, 1125899906842624, 3530111333300000, 3566002020360505, 4012888888881881, 4111111111111111, 5105105105105100, 5555555555554444, 5610591081018250, 6011000990139424, 6011111111111117, 1152921504606846976, 2305843009213693952, 9223372036854775783, 9223372036854775807, 9999999999999999999, 18446744073709551557, 18446744073709551615
```

# Negative Integers

The constants here are the specific to signed integer values, and should be used when applications utilize negative inputs. To compliment your test cases, be sure to pull numbers from the above tables (after changing their sign) as many of them maintain appropriateness in the negative domain.

 Value Description -1 Negative one. -128 Minimum signed 8 bit value. -32768 Minimum signed 16 bit value. -2147483248 Minimum signed 32 bit value. -9223372036854775808 Minimum signed 64 bit value.

## Raw List

```-1, -128, -32768, -2147483248, -9223372036854775808
```

# Closing Thoughts

Since everything is stored as a number, this really only brushes the tip of what could (or should) be considered "important". For your own tests, you will want to think about the domain and come up with the best values to ensure good coverage in your code base. The numbers here are just stock values, and you will definitely want to "build your own" numbers. For example, look for hard coded values in the code you are testing, and use these. You will also want to look for interfaces which take a count of objects; fabricate and pass in a count which when multiplied by the size of the object will cause an integer overflow.