Buffer overflow: Difference between revisions
imported>Nick Johnson No edit summary |
imported>Nick Johnson |
||
| Line 10: | Line 10: | ||
==Technical Explanation== | ==Technical Explanation== | ||
A software execution [[stack]] exists in many modern kernels, much like a stack of books. Parts of the stack | A software execution [[stack]] exists in many modern kernels, much like a stack of books. Parts of the stack contain program variables, and other parts contain information such as saved program counter address. Many programs---often because of the nature of the language in which they were written---do not take adequate steps to ensure they cannot overwrite their stacks as a result of invalid inputs. As a result, it is possible to coerce such programs to overwrite their stacks with chosen data. | ||
By overwriting saved program counter addresses, an attacker may modify variables within the program, or even redirect execution to other code, potentially code that the attacker placed onto stack. | |||
This can achieve unexpected results, ranging anywhere from the program crashing, to hijacking the execution context (and therefore, the security context) of the program in question. This simple concept has had profound implications in the annals of computer security. | |||
==See Also== | ==See Also== | ||
Revision as of 15:03, 11 April 2007
In computers and computer security, a buffer overflow occurs when more data than was expected is written to a memory buffer than was intended by a programmer.
This error is the most common type of Computer security flaw that is used to run code on a remote machine unintentionally.
Other names for this attack include "buffer overrun" and "Smashing the Stack," both of which describe the concept.[1]
Technical Explanation
A software execution stack exists in many modern kernels, much like a stack of books. Parts of the stack contain program variables, and other parts contain information such as saved program counter address. Many programs---often because of the nature of the language in which they were written---do not take adequate steps to ensure they cannot overwrite their stacks as a result of invalid inputs. As a result, it is possible to coerce such programs to overwrite their stacks with chosen data.
By overwriting saved program counter addresses, an attacker may modify variables within the program, or even redirect execution to other code, potentially code that the attacker placed onto stack.
This can achieve unexpected results, ranging anywhere from the program crashing, to hijacking the execution context (and therefore, the security context) of the program in question. This simple concept has had profound implications in the annals of computer security.
See Also
External Links
"Smashing the Stack for Fun and Profit" This article is a bit dated, but it covers in great technical detail this flaw