One of the most popular and common bugs that can crash a system or make it hang is the popular buffer overflow. This type of vulnerabilities can be found in all kinds of applications, operating systems, client-server applications, and desktop GUI applications, or even in a simple CLI program also. Security analysts and professionals must know the reason behind its existence and how the bug can be reduced. In this chapter, you will get to know about the complete understanding of why buffer overflow occurs and how to save your application.
What Is a Buffer?
A buffer is a memory location that holds data for a temporary period and waits to transfer it to another location. It is located within the Random Access Memory (RAM) of your computer. For preventing your system from data congestion, this concept came into existence.
What Is Buffer Overflow?
Buffer Overflow is a situation where an application or program tries to write data outside the memory buffer or beyond the buffer size and is not determined to store those data. It leads to buffer overrun or buffer overflow, which ultimately crashes a system or temporarily holds it for sometimes. One typical example of buffer overflow is the entering of excessive data beyond the limit of the memory buffer.
What Happens When the Buffer Overflow Takes Place?
As the memory buffer overflow takes place and data get written out of the allocated memory area, the running program usually goes rickety, sometimes gets crashed, or may return corrupt data. Another issue in parallel is when you overwrite the data to some extra non-buffer area, the critical information of that area gets overwritten, and previously stored essential data gets lost. This overflow bug can also run other (unwanted or malicious) programs, affecting uninformed code execution and letting cybercriminals harm your system.
Technicalities of Occurring of Buffer Overflow
- Boundary checking is not done appropriately, or in most cases, they get skipped entirely.
- Applications built in old programming languages such a FORTRAN, C, etc. have such errors.
- Applications that are prone to buffer overflow are not set with proper filtering and validations criteria.
Two Important Reasons for Which Buffer Overflow Occurs
- When there is a lack of boundary-testing in the application, as done by the programmer or tester.
- When a system can execute a code that resides in the stack segment.
How to prevent Buffer Overflows?
- Input validations need to be set in an appropriate way to avoid this.
- Programmers need to test the code with additional values that will exceed the buffer size and check the application before launching.
- Boundary checks or boundary testing must be performed by testers to check the upper and lower limit of the temporary storage.