Security

---

Unchecked Buffers / Buffer Overrun

Unchecked Buffers / Buffer Overrun

A buffer is a place to store data in the code, while an unchecked one is a buffer that doesn't verify to make sure that the data in the buffer is what is should be and the length that is supposed to be.  

Below is a diagram of a checked buffer that can hold 4 bytes of data.

While this is an unchecked buffer holding 7 bytes:

This doesn't seem too bad.  After al, what harm does it do?  Well, it only comes into play when you think of code in programs being run in a stack.  Let's pretend that a normal stack of code looks like this.

This is made up of code and data in the stack.  The code runs other bits of code from within the stack and reads data from specific areas.  What an unchecked buffer allows is for data in teh stack to be pushed into the data area.  This is known as a buffer overrun.

This buffer overrun has allows data to be pushed into a spot in the code where the application expects there to be data.  This can be the start of all sorts of nasty things happening!  In the innocent world, this would normally result in a crash because the data that had been "pushed" into the code area would not be code and wouldn't process.  An attacker though wouldn't let this happen.  They would only push "code" into this area and that code would allow them to do something different.  The main thing that this kind of attack is used for it to run other code later on, code that is used to compromise a system.

Just in closing - don't have nightmares!  Not every unchecked buffer is a potential vulnerability.  In fact, very few are comparatively few unchecked buffers that can be exploited in this way.

Adrian Kingsley-Hughes
Last updated: March 7th 2005
Print This Page   |   Email me when this page changes    |  Search This Site

• Fake Security Apps
• IE7: Low Rights
• Spyware Popups
• Media View vs Real World
• A Real Site??
• SP2 Info Bar or not?
• Google AutoLink Raises Eyebrows
• Unchecked Buffers
• Secure Disk Destruction
• Disabling UPnP
• Useful Security Products
• Vulnerability List
• 3 Steps to Protect your PC
• Safe and Unsafe File Extensions
• Browser Encryption

• How secure is that password?
• Double Entry Passwords
• How are passwords stored on websites?
• Passwords and Internet Cafes
• WEP Strong Key Generator
• WPA Random Key Generator
• Make Me A Password
• Choosing Good Passwords
• More on Passwords

• Viewing Images in Email
• 419
• Spam Uncanned
• More Spam
• Latest Spam Tricks
• Bogus Bulletins
• Spam & Ham
• Outlook Read Receipts

• New Norton for Vista
• Virus Alerts
• Virus Types
• Virus Hoaxes
• Live update Problem
• More Live update Issues
• Norton 2005 problem

Out Now!

Get ready to Build your own custom PC!

>> ORDER TODAY!!