CAPEC-CAPEC-100 - CERT CVE
Naziv

Overflow Buffers

Sažetak Buffer Overflow attacks target improper or missing bounds checking on buffer operations, typically triggered by input injected by an adversary. As a consequence, an adversary is able to write past the boundaries of allocated buffer regions in memory, causing a program crash or potentially redirection of execution as per the adversaries' choice.
Preduvjeti Targeted software performs buffer operations.|Targeted software inadequately performs bounds-checking on buffer operations.|Adversary has the capability to influence the input to buffer operations.
Rješenja ['Use a language or compiler that performs automatic bounds checking.', 'Use secure functions not vulnerable to buffer overflow.', 'If you have to use dangerous functions, make sure that you do boundary checking.', 'Compiler-based canary mechanisms such as StackGuard, ProPolice and the Microsoft Visual Studio /GS flag. Unless this provides automatic bounds checking, it is not a complete solution.', 'Use OS-level preventative functionality. Not a complete solution.', 'Utilize static source code analysis tools to identify potential buffer overflow weaknesses in the software.']