Now and again we present short educational briefings on topics related to Application Security. Last time we discussed Data Breaches, read more here. Today I will present a brief overview of Buffer Overflows.
A buffer overflow is a common software coding mistake. In order to mitigate buffer overflow vulnerabilities effectively, it is important that you first understand what buffer overflows are, what dangers they pose to your applications, and what techniques attackers use to exploit them.
A buffer is a contiguous region of memory allocated to hold anything from a character string to an array of integers. A buffer overflow, or "buffer overrun", occurs when more data is written into a fixed-length buffer than it can hold. The excess spills into adjacent memory, overwriting and corrupting whatever was stored there. The usual symptom is a crash, but when the attacker controls the overflowing data, the corrupted memory (a return address, a function pointer, a length field, a privilege flag) gives them the opportunity to run arbitrary code.
Attackers exploit buffer overflows deliberately. By overwriting parts of the application's memory they alter its execution path: the extra data may contain machine code, or carefully chosen values and addresses, that in effect send new instructions to the attacked application and can result in unauthorized access to the system. The techniques used to exploit a buffer overflow vary per CPU architecture and operating system.
A common mistake in application development today is to copy or read input into a fixed-size buffer without checking that the input actually fits. C and C++ applications are the usual targets because these languages perform no bounds checking on arrays or pointers: writing past the end of a buffer is undefined behaviour, not an error. Developers of C/C++ applications should avoid standard library functions that cannot be told the size of the destination, such as gets (removed from the language in C11), strcpy, strcat and sprintf, and should only use scanf with an explicit field width (for example "%7s" for an 8-byte buffer); fgets, snprintf and an explicitly bounded copy are the safer replacements.
Secure development practices should include regular testing to detect and fix buffer overflows, for instance fuzzing and test builds instrumented with a memory-error detector such as AddressSanitizer. The most reliable way to avoid buffer overflows is automatic protection at the language level, that is, a memory-safe language that checks every array access. Where C or C++ must be used, the fix is bounds checking enforced at run time: every write into a buffer is checked against the buffer's real size, either explicitly in the code or with compiler-provided hardening such as fortified library calls and stack protectors. Those hardening features limit the damage of an overflow; they do not remove the bug.
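To make the two preceding points concrete (an unchecked copy overwriting adjacent memory, and the same operation with bounds checking enforced at run time), here is an added example in C. It is constructed for this briefing and is not code from the original post: the struct layout, the `session` and `is_admin` names and the sample inputs are all assumptions chosen so that the overrun lands on a privilege flag rather than on unrelated stack data. The unchecked copy is written by hand instead of calling `strcpy` so that the overflow is visible even in a fortified build.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed demonstration (not from the original post): a fixed-length
 * name buffer sits directly before a privilege flag, so any write past the
 * end of the buffer lands on the flag. */
#define NAME_LEN 8

struct session {
    char     name[NAME_LEN];  /* fixed-length buffer; 8 bytes, so no padding follows */
    uint32_t is_admin;        /* adjacent memory that an overrun clobbers */
};

/* Unchecked copy, equivalent to strcpy(): it stops at the NUL of src, never at
 * the end of dst. dst is volatile so the compiler cannot optimise away the
 * out-of-bounds stores that this demonstration relies on. */
static void unchecked_copy(volatile char *dst, const char *src)
{
    while ((*dst++ = *src++) != '\0')
        ;
}

/* Vulnerable: trusts the length of the input. Returns the privilege flag as
 * observed after the copy; it should always be 0. With an input of 11 bytes
 * the first 8 fill name[] and the next 3 plus the NUL overwrite is_admin. */
uint32_t vulnerable_login(const char *input)
{
    volatile struct session s;   /* volatile: force real loads and stores */
    s.is_admin = 0;
    unchecked_copy(s.name, input);   /* overflows when strlen(input) >= NAME_LEN */
    return s.is_admin;
}

/* Bounded copy: refuses input that does not fit (including its NUL) and always
 * leaves dst NUL-terminated. Returns 0 on success, -1 on rejection. */
int bounded_copy(char *dst, size_t dstsz, const char *src)
{
    size_t n = strlen(src);
    if (dstsz == 0 || n >= dstsz) {
        if (dstsz)
            dst[0] = '\0';
        return -1;
    }
    memcpy(dst, src, n + 1);   /* n + 1 <= dstsz, so this cannot overrun */
    return 0;
}

/* Hardened: the copy is checked against sizeof the destination, so is_admin
 * cannot be reached. Returns 0 if the name was accepted, -1 if rejected;
 * *admin receives the flag value, which stays 0 either way. */
int safe_login(const char *input, uint32_t *admin)
{
    struct session s;
    s.is_admin = 0;
    int rc = bounded_copy(s.name, sizeof s.name, input);
    *admin = s.is_admin;
    return rc;
}

/* Reading input: fgets() takes the buffer size, unlike gets(). A line that
 * did not fit has no '\n' at the end; reject it instead of silently
 * truncating. Returns 0 on success, -1 on overlong input, EOF, or a final
 * line with no newline. */
int read_name(char *buf, size_t bufsz, FILE *fp)
{
    if (!fgets(buf, (int)bufsz, fp))
        return -1;
    size_t n = strlen(buf);
    if (n == 0 || buf[n - 1] != '\n')
        return -1;
    buf[n - 1] = '\0';
    return 0;
}

int main(void)
{
    uint32_t admin = 0;
    printf("vulnerable, 3-byte name : is_admin=%#x\n", vulnerable_login("bob"));
    printf("vulnerable, 11-byte name: is_admin=%#x\n", vulnerable_login("AAAAAAAAAAA"));
    int rc = safe_login("AAAAAAAAAAA", &admin);
    printf("hardened, 11-byte name  : rc=%d is_admin=%#x\n", rc, admin);
    return 0;
}
```

Run it and the second line shows a non-zero `is_admin` produced purely by the length of the name; the hardened version rejects the same input with `rc=-1` and the flag untouched. The check in `bounded_copy` is the run-time bounds check the text describes, written out by hand; `_FORTIFY_SOURCE` would have caught a real `strcpy` into `s.name` here, but only because the destination size is known at compile time, which is exactly why a hand-rolled loop (or a heap buffer) slips past it.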
We value your opinion, so please let us know if there are any concepts or topics you would like to hear about from us.
Written by: Fergal Glynn