buffer overflow



buffer overflow

(programming)
What happens when you try to store more data in a buffer than it can handle. This may be due to a mismatch in the processing rates of the producing and consuming processes (see overrun and firehose syndrome), or because the buffer is simply too small to hold all the data that must accumulate before a piece of it can be processed. For example, in a text-processing tool that crunches a line at a time, a short line buffer can result in lossage as input from a long line overflows the buffer and overwrites data beyond it. Good defensive programming would check for overflow on each character and stop accepting data when the buffer is full.

See also spam, overrun screw.

buffer overflow

A common cause of malfunctioning software. If the amount of data copied into a memory buffer exceeds the size of the buffer, the extra data will overwrite whatever is in the adjacent bytes, and those bytes could hold numbers and codes the program constantly uses (see flag and variable). It only takes an error of one bit to crash software.

Certain copy instructions transfer strings of data within memory until some character such as a null or return is reached, signaling its end. Such instructions are potentially dangerous and can be avoided by using instructions that copy a fixed number of bytes.
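
The defensive checks described in the two entries above (test for overflow on each character, stop storing once the buffer is full, and copy by a fixed bound rather than until a terminator), as an added example that is not part of the original entries. The names `take_line`, `copy_bounded`, `struct frame` and the sample input are constructed for illustration.

```c
#include <string.h>

/* Take one line from in[*pos..len) into buf (capacity cap, '\0' included).
 * Overflow is checked on every character: once buf is full the rest of the
 * line is consumed and dropped, never written past the end. Returns the
 * line's full length (>= cap means truncated), or -1 when input is spent. */
long take_line(const char *in, size_t len, size_t *pos, char *buf, size_t cap)
{
    size_t stored = 0;
    long seen = 0;
    if (cap == 0 || *pos >= len)
        return -1;
    for (; *pos < len && in[*pos] != '\n'; (*pos)++, seen++)
        if (stored + 1 < cap)            /* keep one byte for the '\0' */
            buf[stored++] = in[*pos];
    if (*pos < len)
        (*pos)++;                        /* step over the newline */
    buf[stored] = '\0';
    return seen;
}

/* Copy bounded by the destination's size, not by where the source's
 * terminator happens to be. Returns 1 if src fit, 0 if it was cut short. */
int copy_bounded(char *dst, size_t cap, const char *src)
{
    size_t i = 0;
    if (cap == 0) return 0;
    for (; i + 1 < cap && src[i] != '\0'; i++)
        dst[i] = src[i];
    dst[i] = '\0';
    return src[i] == '\0';
}

/* Constructed input: a 35-character line, then "ok". The guard sits next to
 * the 8-byte buffer, like the adjacent data an overflow would overwrite. */
struct frame { char line[8]; unsigned guard; };
int demo(void)
{
    static const char input[] = "a line much longer than eight bytes\nok\n";
    struct frame f = { "", 0xC0FFEEu };
    char small[4];
    size_t pos = 0, n = sizeof input - 1;
    long first = take_line(input, n, &pos, f.line, sizeof f.line);
    int cut = strcmp(f.line, "a line ") == 0;   /* 7 bytes kept, rest dropped */
    long second = take_line(input, n, &pos, f.line, sizeof f.line);
    return cut && first == 35 && second == 2 && strcmp(f.line, "ok") == 0
        && copy_bounded(small, sizeof small, "overflow") == 0
        && strcmp(small, "ove") == 0 && f.guard == 0xC0FFEEu;
}
```

Because `take_line` returns the full length it saw, a caller can tell a truncated line from a complete one and reject or log it instead of silently processing partial data.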

Buffer Overruns Are Exploited
If software is written to assume the correct amount of data will always be input and makes no provisions otherwise, malicious hackers can exploit this situation by entering more and more data until the computer crashes. When it does, the computer's registers are examined to find out if it was attempting to execute an instruction in the overrun buffer area and if so, the precise location. The exploit is then carried out by appending machine instructions at the end of the input that the computer will execute. See XSS and SQL injection.

Slammer Wreaked Havoc
In January 2003, the Slammer worm on the Internet caused a billion dollars' worth of damage. Using randomly generated IP addresses, Slammer used the buffer overflow exploit to replicate itself. Within three minutes after the first Slammer packet was unleashed, the number of infected computers was doubling every eight seconds. Within 15 minutes, large sections of the Internet were overloaded and out of commission. See buffer and buffer flush.

References in periodicals archive
Moreover, our approach can only detect stack buffer overflow vulnerabilities and controlled jump vulnerabilities.
These values are given for first-order XSS (denoted as FO XSS), second-order XSS (denoted as SO XSS), blind SQLI (denoted as BL SQLI), first-order SQLI (denoted as FO SQLI), second-order SQLI (denoted as SO SQLI), and buffer overflow (denoted as BOF) attacks.
Recall that $\delta = 0.05$ and $D_n = \{0.5\ 0.5\ 0.5\ 0.5\ 0.5\}$; thus when $\lambda_m = 8$, we have $1/\delta = 0.5 \sum_{m=1}^{5} \lambda_m = 20$, and when $\lambda_m > 8$, we have $1/\delta < 0.5 \sum_{m=1}^{5} \lambda_m$, which is the condition of RSU buffer overflow avoidance, as shown in (14).
The quantization parameter is further adjusted to keep the bit rate within the given constraints, and to prevent buffer overflow and underflow.
The most important example of this nature is the buffer overflow, which accounts for over 50% of reported software security vulnerabilities in the past few years [4].
Control-data attacks overwrite control data (such as the return address [2]) using memory corruption vulnerabilities (such as buffer overflow and format strings) to direct the target program to an unintended control flow (such as new inserted code or existing code in the memory).
In particular, the cameras from Shenzhen Neo Electronics can be exploited through buffer overflow vulnerabilities, in which an attacker sends data designed to overrun a system's temporary data storage.
BS.Player contains a buffer overflow in the "bsib.dll" module that can be exploited to achieve arbitrary code execution.
where $P_0$ is the buffer overflow and $P_p$ is the packet error probability.
Traditional methods for loss analysis aim at estimating the work load loss ratio based on the approximations of buffer overflow probability [1-4].
For instance on the $P_L$'s fuzzy set, when the value of $P_L$ is few, this means few packets were lost due to buffer overflow. Whereas the $P_L$ value is medium when medium amount of packets were lost due to buffer overflow.
If any malicious behaviour is initiated - for example, execution of a malicious script, a buffer overflow exploit or exploits of native APIs and system commands - Invincea Document Protection automatically detects the threat, terminates it and captures forensic data that can be fed to the rest of the security infrastructure.