Buffer overflow: Difference between revisions
imported>Eric M Gearhart (corrected link to processor) |
imported>Eric M Gearhart (Fixed citation) |
||
| Line 18: | Line 18: | ||
===In Software=== | ===In Software=== | ||
Valgrind is an [[open source]] suite of tools that are designed to assist with [[debugging]] and improving the performance of software. It simulates the execution of code on a virtual [[x86]] [[CPU|processor]], and intercepts certain function calls, allowing for fine-grained buffer overflow detection on the heap.<ref name="Name">{{cite web| url=www.cs.umd.edu/~pugh/BugWorkshop05/papers/61-zhivich.pdf|title="Dynamic Buffer Overflow Detection"|date=Retreived 11-April-2007}}</ref> | Valgrind is an [[open source]] suite of tools that are designed to assist with [[debugging]] and improving the performance of software. It simulates the execution of code on a virtual [[x86]] [[CPU|processor]], and intercepts certain function calls, allowing for fine-grained buffer overflow detection on the heap.<ref name="Name">{{cite web| url=http://www.cs.umd.edu/~pugh/BugWorkshop05/papers/61-zhivich.pdf|title="Dynamic Buffer Overflow Detection"|date=Retreived 11-April-2007}}</ref> | ||
===In Hardware=== | ===In Hardware=== | ||
Revision as of 16:01, 11 April 2007
In computers and computer security, a buffer overflow occurs when more data is written to a memory buffer than can fit into the memory buffer. In certain programs, the excess data is written to memory beyond that buffer, overwriting other data. This error is the most common type of Computer security flaw, and its prevalence is due to the common use of languages such as C which have no implicit method to prevent buffer overflows.
Other names for this attack include "buffer overrun" and "Smashing the Stack," both of which describe the concept.[1]
Technical Explanation
A software execution stack exists for every process running on a computer. Parts of the stack contain program variables, and other parts contain information such as saved program counter address. Many programs---often because of the nature of the language in which they were written---do not take adequate steps to ensure they cannot overwrite their stacks as a result of invalid inputs. As a result, it is possible to coerce such programs to overwrite their stacks with chosen data.
By overwriting saved program counter addresses, an attacker may modify variables within the program, or even redirect execution to other code, potentially code that the attacker placed onto stack.
This can achieve unexpected results, ranging anywhere from the program crashing, to hijacking the execution context (and therefore, the security context) of the program in question. This simple concept has had profound implications in the annals of computer security.
Attempts at Overcoming This Vulnerability
Attempts at overcoming this vulnerability in a proactive way (rather than simply issuing Software patches) have had limited success. Researchers in Computer security have attempted to solve the buffer overflow attack problem both in software and in hardware. The best way to ensure that this attack vector isn't successful is by writing code that validates input wherever necessary.
In Software
Valgrind is an open source suite of tools that are designed to assist with debugging and improving the performance of software. It simulates the execution of code on a virtual x86 processor, and intercepts certain function calls, allowing for fine-grained buffer overflow detection on the heap.[2]
In Hardware
The NX bit
Related Topics
- Stack frame, which describes the memory management strategy that makes this attack possible
External Links
"Smashing the Stack for Fun and Profit" This article is a bit dated, but it covers in great technical detail this flaw
References
- ↑ "Smashing the Stack for Fun and Profit by Aleph One".
- ↑ "Dynamic Buffer Overflow Detection" (Retreived 11-April-2007).