About Buffer Overflows

by Tamas Querolin.


Buffer overflows are perhaps the most notorious and widely publicized attacks. These are complex attacks that exploit the fundamental hardware and software capabilities of a system.

For those who are not software developers, a few concepts need explanation. First, it is useful to understand what a buffer is. The computer system has a pool of Random Access Memory (RAM) organized into small chunks by the operating system that runs applications. In order to share this memory among the operating system's many processes and applications, a special memory manager coordinates which chunks of the RAM pool are in use and which are available to run an application. When an application is first run, memory is allocated for the application and all of its functions and variables.

As the application runs, more memory can be allocated for new variables and de-allocated when no longer in use. A buffer is a chunk (or several chunks) of memory used to store a variable. Different buffers can and often do exist side-by-side in memory. A buffer that holds a variable can exist next to a piece of memory that holds a function or another application. For example, when you enter your username at a prompt or window, the program has declared a buffer, in which the characters of the name are stored.

A buffer overflow occurs when a buffer is too small to accommodate the amount of data provided. The data that does not fit into the buffer will overwrite the next chunks of memory. Herein lies the danger of buffer overflows. The memory that is overwritten with the extra data can be another variable in the running application, a variable for another application, or the application's stack. The stack contains application-specific information, such as the physical locations of the application's functions and variables.

Overwriting the stack alters the path that the application would normally follow, causing it to use bad data, crash, or execute new functionality. The execution of new functionality is usually the goal of a buffer overflow exploit—whether to provide access to the system or to modify its settings.

When its owner accesses the overwritten memory next, the new data might be invalid, and the application can crash or function improperly. Buffer overflows are exploited by crafting the overflow data into something useful that the machine can understand. This could mean executing another program, causing harm to the system or stealing information.

To better demonstrate this concept, consider the postal machine that scans letters for their destination city. Assume envelope A is destined for New York, NY, and envelope B is destined for Boston, MA. The ZIP code of envelope B has special wet ink that "overflows," overwriting the ZIP code of New York on envelope A with that of Boston when the envelopes are automatically stacked at the postal facility. The postal machine scans envelope A and reads the overwritten ZIP code. The letter is then routed to Boston.

Buffer overflows are often more malicious than mere accidents, so let us assume that a valuable sum of cash is destined for a postal box in New York. The thief, or attacker, knows the exact location of the letter and creates an envelope with runny ink that overwrites the ZIP code on the envelope with the ZIP code for Boston when they are stacked. The attacker rents the Boston postal box with the same number as the original destination in New York and proceeds to steal the money.

A postal machine is only capable of recognizing ZIP codes, no matter from where they come. A computer is capable of executing instructions, no matter from where they come. Therefore, a buffer overflow attack that overwrites the original instructions of an application with new instructions can cause the computer to execute anything an attacker wishes.
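The overwrite described above, as an added C example that is not part of the original article: a username buffer sits directly in front of a variable holding a ZIP code, and an unchecked copy lets a too-long name replace the New York ZIP with the Boston one, while a length check rejects it. The memory layout, the names `pool`, `name_buf`, `zip_var` and both functions are assumptions made for illustration, and the inputs are constructed.

```c
#include <stdio.h>
#include <string.h>

#define NAME_SIZE 8   /* buffer that holds the username */
#define ZIP_SIZE  6   /* neighbouring variable: 5 digits + terminating NUL */

/* One contiguous pool with the name buffer directly in front of another
   variable (assumed layout, chosen to mirror the article's description). */
static char pool[NAME_SIZE + ZIP_SIZE];
static char *const name_buf = pool;
static char *const zip_var  = pool + NAME_SIZE;

static void reset_pool(void) {
    memset(pool, 0, sizeof pool);
    memcpy(zip_var, "10001", ZIP_SIZE);        /* New York */
}

/* Unchecked copy: data that does not fit in name_buf spills into zip_var. */
static const char *store_name_unchecked(const char *input) {
    reset_pool();
    size_t len = strlen(input) + 1;
    if (len > sizeof pool) len = sizeof pool;  /* keep the demo inside the pool */
    memcpy(name_buf, input, len);
    return zip_var;
}

/* Checked copy: refuses input larger than the buffer. 0 = stored, -1 = rejected. */
static int store_name_checked(const char *input) {
    reset_pool();
    size_t len = strlen(input) + 1;
    if (len > NAME_SIZE) return -1;
    memcpy(name_buf, input, len);
    return 0;
}

int main(void) {
    /* Constructed inputs: one that fits, one that is 13 characters long. */
    printf("fits:      zip=%s\n", store_name_unchecked("alice"));
    printf("unchecked: zip=%s\n", store_name_unchecked("AAAAAAAA02108"));
    int rc = store_name_checked("AAAAAAAA02108");
    printf("checked:   rc=%d zip=%s\n", rc, zip_var);
    return 0;
}
```

The fix is the single comparison against `NAME_SIZE`: the program decides how much data the buffer accepts instead of letting the input decide.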

    Copyright © 2006 - 2012 e-articles.info.
The texts, articles and tutorials in the directory are property of their respective owners and authors.