A common cause of malfunctioning software. If the amount of data written into a buffer exceeds the size of the buffer, the additional data will be written into adjacent areas, which could be buffers, constants, flags or variables. Any aberrant behavior can result when control data, such as a binary flag, is altered erroneously (it only takes one bit!). Various instructions transfer data until a null or return or some other character signals the end of the data string. Such instructions are potentially dangerous and can be avoided by using instructions that read or transfer a precise number of bytes.
Malicious hackers can exploit buffer overflows by appending executable instructions to the end of data and causing that code to be run after it has entered memory (see Slammer). See buffer and buffer flush.
|
