#include #include void foo ( char * bar ) Platform-related differences Ī number of platforms have subtle differences in their implementation of the call stack that can affect the way a stack buffer overflow exploit will work. ![]() This is illustrated with strcpy() in the following example: The canonical method for exploiting a stack-based buffer overflow is to overwrite the function return address with a pointer to attacker-controlled data (usually on the stack itself). This is one of the oldest and more reliable methods for attackers to gain unauthorized access to a computer. If the stack buffer is filled with data supplied from an untrusted user then that user can corrupt the stack in such a way as to inject executable code into the running program and take control of the process. a webserver) then the bug is a potential security vulnerability. If the affected program is running with special privileges, or accepts data from untrusted network hosts (e.g. Overfilling a buffer on the stack is more likely to derail program execution than overfilling a buffer on the heap because the stack contains the return addresses for all active function calls.Ī stack buffer overflow can be caused deliberately as part of an attack known as stack smashing. Stack buffer overflow is a type of the more general programming malfunction known as buffer overflow (or buffer overrun). ![]() This almost always results in corruption of adjacent data on the stack, and in cases where the overflow was triggered by mistake, will often cause the program to crash or operate incorrectly. Stack buffer overflow bugs are caused when a program writes more data to a buffer located on the stack than what is actually allocated for that buffer. In software, a stack buffer overflow or stack buffer overrun occurs when a program writes to a memory address on the program's call stack outside of the intended data structure, which is usually a fixed-length buffer. For other uses, see Stack overflow (disambiguation).
0 Comments
Leave a Reply. |