Computer Security Wiki
Smallwikipedialogo.png Most of this page uses content from Wikipedia. The original article was at Buffer overflow.
The list of authors can be seen in the page history. As with Computer Security Wiki, the text of Wikipedia is available under the GNU Free Documentation License.
Remove this template when most of the Wikipedia content has been removed or the Wikipedia information is outnumbered by non-Wikipedia information.

A buffer overflow, or buffer overrun, is an anomalous condition where a process attempts to store data beyond the boundaries of a fixed-length buffer. The result is that the extra data overwrites adjacent memory locations. The overwritten data may include other buffers, variables and program flow data, and may result in erratic program behavior, a memory access exception, program termination (a crash), incorrect results or ― especially if deliberately caused by a malicious user ― a possible breach of system security.

Buffer overflows can be triggered by inputs specifically designed to execute malicious code or to make the program operate in an unintended way. As such, buffer overflows cause many software vulnerabilities and form the basis of many exploits. Sufficient bounds checking by either the programmer, the compiler or the runtime can prevent buffer overflows.

The programming languages most commonly associated with buffer overflows are C and C++. They provide no built-in protection against accessing or overwriting data in any part of memory and do not check that data written to an array (the built-in buffer type) is within the boundaries of that array. Also, many novice coders cut their teeth on C & C++.

An example of a buffer overflow attack can be seen in the Sasser virus. It spread by exploiting a flaw in a Windows system program. Once inside a machine, it overflowed a buffer in LSASS.exe, a file that is a part of the Windows operating system. This would cause the infected computer to constantly reboot. (contributed by yoanS, 11/13/09)


External links[]