One of the most popular and common bugs that can crash a system or make it hang is the popular buffer overflow. This type of vulnerabilities can be found in all kinds of application, operating systems, client-server application, and desktop GUI applications or even in a simple CLI program also. Security analysts and professionals must know the reason behind its existence and how the bug can be reduced. In this chapter, you will get to know about the complete understanding of why buffer overflow occurs and how to save your application.
What Is a Buffer?
A buffer is a memory location that holds data for a temporary period of time and waits to transfer it to another location. It is basically located within the Random Access Memory (RAM) of your computer. For preventing your system from data congestion, this concept came into existence.
What Is Buffer Overflow?
Buffer Overflow is a situation where an application or program tries to write data outside the memory buffer or beyond the buffer size and is not determined to store those data. This leads to buffer overrun or buffer overflow, which ultimately crashes a system or temporarily holds it for sometimes. One typical example of buffer overflow is the entering of excessive data that is beyond the limit of the memory buffer.
What Happens When the Buffer Overflow Takes Place?
As the memory buffer overflow takes place and data gets written out of the allocated memory area, the program that is running usually goes rickety; sometimes get crashed or may return corrupt data. Another issue that happens in parallel is when you overwrite the data to some extra non-buffer area, the critical information of that area gets overwritten, and previously stored essential data gets lost. This overflow bug can also run other (unwanted or malicious) programs which can effect in uninformed code execution and let cybercriminals harm your system.
Technicalities of Occurring of Buffer Overflow
- Boundary checking is not done appropriately, or in most cases, they get skipped entirely.
- Applications built in old programming languages such a FORTRAN, C, etc. have such errors in them.
- Applications that are prone to buffer overflow are not set with proper filtering and validations criteria.
Two Important Reasons for Which Buffer Overflow Occurs
- When there is a lack of boundary-testing in the application, as done by the programmer or tester.
- When a system can execute a code that resides in the stack segment.
How to prevent from Buffer Overflows?
- Input validations need to be set in an appropriate way to avoid this.
- Programmers need to test the code with additional values that will exceed the buffer size and check the application before launching.
- Boundary checks or boundary testing needs to be performed by testers to check the upper and lower limit of the temporary storage.