Buffer Overflows
(Page 1 of 3)
We discussed buffer overflows earlier in section 1.4.12, on software exploitation. Now we look at this vulnerability in more detail.
A buffer overflow is a condition that occurs when a program tries to copy more data into an area of the computer's memory (called a buffer) than that area can hold. The data fills the buffer and then spills past its end, overwriting whatever lies in the memory that follows it. It generally results from the programmer making an incorrect (too small) assumption about how much data is being moved, or from not checking the length of the data at all.
Computers move data back and forth in memory by means of variables, which are blocks of memory, each of which has a location in memory and a size. If you think of each variable as being a pitcher of a certain size and in a certain location on a table full of pitchers, a buffer overflow might look like a huge pitcher of orange juice being poured into a small one, and the overflow juice, which needs somewhere to go, accidentally seeping over the edge of the small pitcher into the pitcher next to it (the next variable in memory). If the pitcher next door originally held fine Australian red wine, and the overflow replaces, or overwrites, any or all of the wine with orange juice, the next person who tries to use that pitcher of wine is going to find an unpleasant surprise. Much the same thing happens with buffer overflows on a computer. The excess data overflows into adjacent areas of memory, overwriting what was there.
Since the previous contents of that memory were probably still in use, the next time the program accesses that memory it will find unexpected contents, which may cause it to misbehave or even crash.
A more severe case occurs when the excess data reaches not just the program's other data but the information the computer uses to decide which instructions to run next. Program code works like a list of instructions: the computer works through the list in order, performing each one, just as you would when assembling a piece of IKEA furniture. On most systems the list itself is kept in read-only memory, so the overflow does not rewrite it directly; what it can overwrite is a bookmark such as the saved return address on the stack, which tells the computer where in the list to continue once the current function finishes. If that bookmark is replaced with random gobbledygook, the computer will jump to nonsense and the program will probably crash. If it is carefully crafted so that the computer jumps to a sequence of bytes the attacker supplied in the same overflowing data, and those bytes are valid machine-language instructions that, for example, delete an important system file, it will do that too. The art of exploiting a buffer overflow thus requires knowing how to construct such sequences of instructions in machine language, as well as how to get the computer to execute them.
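As an added example (not part of the original CertiGuide text), the following C program acts out the two-pitcher story above. Two eight-byte variables, name and role, are laid out back to back in one block, the way two locals sit next to each other on the stack; the layout is fixed here on purpose so the result is reproducible, whereas on a real stack the neighbour is whatever the compiler placed there. unsafe_login copies its input with no idea how big the destination is (the same mistake as strcpy or gets), so an input of eight filler characters followed by "admin" pours straight through name into role. safe_login is the hardened form: the copy is bounded by the destination and over-long input is rejected rather than silently truncated. The names, sizes and the "guest"/"admin" roles are illustrative choices, not anything from the page.

```c
#include <stdio.h>
#include <string.h>

#define SLOT 8   /* size of each "pitcher" (variable) in bytes */

/*
 * Layout of the block used by both functions (constructed for this example):
 *   frame[0..7]  = name  (the small pitcher the input is poured into)
 *   frame[8..15] = role  (the pitcher next door, initially "guest")
 */

/* Vulnerable: copies bytes until it sees the terminating NUL, never asking
 * how much room the destination has. Returns 1 if role reads "admin"
 * afterwards, 0 otherwise. Input longer than the whole 16-byte block would
 * overflow frame itself and smash the real stack, which is the same bug one
 * level up; keep demo inputs under 16 bytes. */
int unsafe_login(const char *input)
{
    char frame[2 * SLOT];
    char *name = frame;
    char *role = frame + SLOT;

    memcpy(role, "guest", 6);          /* "guest" plus its NUL terminator */

    size_t i = 0;
    do {
        name[i] = input[i];            /* no bound on i: runs past name into role */
    } while (input[i++] != '\0');

    return strcmp(role, "admin") == 0;
}

/* Hardened: the length is checked against the destination before copying,
 * and input that does not fit is refused. Returns 1 for admin, 0 for guest,
 * -1 if the input was rejected. */
int safe_login(const char *input)
{
    char frame[2 * SLOT];
    char *name = frame;
    char *role = frame + SLOT;

    memcpy(role, "guest", 6);

    size_t len = strlen(input);
    if (len >= SLOT)                   /* need room for the terminating NUL too */
        return -1;
    memcpy(name, input, len + 1);      /* at most SLOT bytes: cannot reach role */

    return strcmp(role, "admin") == 0;
}

int main(void)
{
    /* Constructed inputs: a normal name, and 8 bytes of filler followed by
     * the text the attacker wants to land in the neighbouring variable. */
    const char *normal = "bob";
    const char *attack = "AAAAAAAAadmin";

    printf("unsafe_login(\"%s\") -> admin? %d\n", normal, unsafe_login(normal));
    printf("unsafe_login(\"%s\") -> admin? %d\n", attack, unsafe_login(attack));
    printf("safe_login(\"%s\")   -> %d\n", normal, safe_login(normal));
    printf("safe_login(\"%s\")   -> %d (rejected)\n", attack, safe_login(attack));
    return 0;
}
```

The hardened version rejects rather than truncates because silent truncation is its own class of bug: a name cut to seven characters may collide with, or be mistaken for, a different account. Note also that the check compares the length against the destination size, not against the source; the source is exactly the thing the attacker controls.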
CertiGuide for Security+ (http://www.CertiGuide.com/secplus/) on CertiGuide.com
Version 1.0 - Version Date: November 15, 2004
Adapted with permission from a work created by Tcat Houser et al.
CertiGuide.com Version © Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.