
2006-11-29 15:21:31 · 11 answers · asked by Anonymous in Computers & Internet Programming & Design

11 answers

A program sets aside an allocated chunk of memory, called a buffer. The size of the buffer is typically calculated to allow some time to pass before incoming data fills it. If the data comes in faster than anticipated, or the buffer is too small, then the buffer "overflows" and data is lost.

2006-11-29 15:25:28 · answer #1 · answered by Computer Guy 7 · 0 0

Often, in programming, you'll need a chunk of memory to put some data into - for example, a temporary storage area for data being received from the network during processing. You'll generally get it from one of two areas called the 'heap' and the 'stack'.

The heap is the ideal place to put the buffers; you can ask it for a chunk of memory a given size and it'll give it to you. However, allocating on the heap is inconvenient, and programmers sometimes get lazy and use the stack instead.

Now, the stack is easy to deal with. The computer handles allocating and getting rid of the memory for you. How convenient! Problem is, the size is fixed when the program is compiled.

When the program finally puts the data in the buffer, it must be careful not to exceed the buffer size, whether that size is specified in the heap memory request or the stack buffer size. If it does, it'll overwrite whatever comes after that buffer in memory - therein lies the problem.

If the data right after the buffer contains a code address - a location in which the computer will look to find some code to run - then the data in the buffer could overwrite this address and point it back into the buffer, where evil code could've been loaded.

Unfortunately, the stack does exactly this. When the computer enters a procedure, it 'pushes' the return address onto the stack, and then pushes any local variables, buffers, etc. The stack grows downward with each push - so the item /after/ the most-recently pushed item is the second-most recently pushed. As such, your buffers are always right before the return address.

So, a buffer overflow exploit works by tricking the program into putting too much data into the buffer. Generally this will look a bit like this:

* A whole bunch of NOP instructions - when the CPU runs one of these it just moves to the next without doing anything. This compensates for inaccuracy in aiming the return address.
* Some malicious code - generally this is a small thing which downloads the real meat of the exploit once it has control of the system.
* An approximation of an address in the middle of the NOPs, repeated many times. The goal here is to overwrite the return address with one of these.

If it succeeds, the procedure eventually returns, causing the CPU to jump back to the 'NOP slide', move on to the evil code, and bam, your computer is under the attacker's control.

2006-11-29 15:32:31 · answer #2 · answered by bd_ 2 · 0 0

Whilst information is copied from place to place it particularly is saved temporarily in a buffer. A buffer usually has a fixed length and would keep no extra effective than that quantity. A buffer overflow is whilst extra effective than the buffer can carry is saved in it. The cost of it particularly is that the surplus information gets located in reminiscence exterior of the buffer. Buffer overflows are the effect of programming bugs. If engineered wisely a buffer overflow would be engineered to inject undesirable code right into a working laptop or workstation, it particularly is to declare infect it with a deadly disease.

2016-10-04 13:19:50 · answer #3 · answered by ? 4 · 0 0

A buffer is a temporary medium created to store information. Buffer sizes can be changed. E.g. when programming in Java to read or write files, a buffer is used to store information before it's written to a text file. If the buffer is not refreshed every time a new line / data is read, a buffer overflow comes into play coz the current buffer is full or the information is too big to fit into the buffer size.

2006-11-29 15:26:18 · answer #4 · answered by waqar 2 · 0 0

That's when the data that's being poured into a buffer overflows

2006-11-29 15:36:00 · answer #5 · answered by chino 1 · 0 0

Buffers are actually memory locations used to store data temporarily. E.g. if you are watching some video online or you are listening to songs online, the song or video should be downloaded from that providing server to your computer.

Since you are doing it online, they will not be stored in your computer permanently. Just they will be stored in memory locations used for temporary storage. These are called buffers and there is a limit for every kind of allocation. So whenever you exceed the limit of memory access, then occurs the Buffer Overflow.

**********
Vasu M
**********

2006-11-29 21:43:11 · answer #6 · answered by V@su Maniram 3 · 0 0

This happens when more data is put into a buffer, or holding area, than the buffer can handle. This is due to a mismatch in processing rates between the producing and consuming processes. This can result in system crashes or the creation of a back door leading to system access.

2006-11-29 16:47:26 · answer #7 · answered by comn8u 4 · 0 0

Usually buffer overflows are used by hackers and virus makers to exploit your computer. I found this rather simple and eloquent way of putting it...

Fundamentals

A buffer overflow occurs when something very large is placed in a box far too small for it to fit. It's all gotta go somewhere. An example in code is as follows:


    void func(void)
    {
        int i;
        char buffer[256];
        // *
        for(i=0;i<512;i++)
            buffer[i]='A'; // !

        return;
    }

As you can see, our 'buffer' gets filled with 256 'A's, followed by 256 more that just don't fit. The rest of those 'A's have to go somewhere.

And where they go depends on your operating system implementation and programming language, but if you don't have automatic bounds checking like Java, I guarantee you that those 'A's are going somewhere unfortunate.

Here is a picture of a healthy 32-bit stack, in such an operating system as Windows 9x/NT running on an Intel platform. It looks like what it should look like at the point marked * in the code above.

STACK
----------------
Local Variables
ESP-> i
Buffer
----------------
EBP-> Old Value of EBP
----------------
Return Address
----------------

When the "func" procedure returns, it moves EBP back into ESP, and POP's the return address off the stack. When the above line of code marked '!' executes it overflows the buffer, writing 'A's over the old value of EBP and over the return address. By overwriting the return address, you can seriously alter the course of program flow. All you have to do is change the return address to point to a memory location of your choice, and the code you want to execute will be reached when this procedure decides to 'return'. If you stuff the buffer with code bytes, you can then reroute the EIP to them on the next RET, since the stack is considered executable memory in Windows 9x/NT on the Intel architecture.

If you are seeing an error message regarding a buffer overflow, you might want to check for viruses or trojans, etc.

How do the hackers do this? Usually something like this example:

If you wanted to exploit this [example] overflow, you could simply start up Netmeeting, find a bunch of people on the ILS server, and send them email with the CNF file attached. Just make the mail say something like: My girlfriend and I want you to watch us while you spank it! Call us soon, we're horny! They'll click the icon. It may also be possible to fake a connection to an ILS server as well, creating a fake user and supplying the bogus address line with our exploit it in, so that if they click on the name, they get zapped. All kinds of fun owning the machines of horny men looking for girls or women on the net!

This is just one example of how they do it.

So if you are one prone to open up these kinds of emails then you probably have had a buffer overflow happen to you.

Lesson: don't open stuff you don't know where or who it came from.

2006-11-29 15:40:33 · answer #8 · answered by Anita E 1 · 1 0
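Added example, not part of any answer on this page: a small C model of the frame layout drawn in answer #8 (and described in answer #2), showing at which write length the return address stops being intact and how a length check before the write prevents it. The frame is simulated in an ordinary byte array so the program stays well-defined; the offsets follow the 32-bit diagram above, and the saved EBP and return address values, like all function names here, are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed model of the frame in answer #8: a 256-byte buffer, then the
   saved EBP, then the return address (4 bytes each on 32-bit x86). */
enum { BUF_SIZE = 256, OFF_EBP = 256, OFF_RET = 260,
       REGION_SIZE = 512 };  /* slack so the model itself never goes out of bounds */

static const uint32_t SAVED_EBP = 0x0012ff80u;  /* constructed sample value */
static const uint32_t RET_ADDR  = 0x00401234u;  /* constructed sample value */

static void frame_init(unsigned char *mem) {
    memset(mem, 0, REGION_SIZE);
    memcpy(mem + OFF_EBP, &SAVED_EBP, sizeof SAVED_EBP);
    memcpy(mem + OFF_RET, &RET_ADDR, sizeof RET_ADDR);
}

/* The loop from func(): writes n bytes starting at the buffer without
   ever comparing n against the buffer size. */
static void fill_unchecked(unsigned char *mem, size_t n) {
    for (size_t i = 0; i < n && i < REGION_SIZE; i++)
        mem[i] = 'A';
}

/* Hardened form: refuse any write that does not fit in the buffer. */
static int fill_checked(unsigned char *mem, size_t n) {
    if (n > BUF_SIZE)
        return -1;
    memset(mem, 'A', n);
    return 0;
}

/* Runs one scenario; returns 1 if the return address still holds the
   value stored on entry, 0 if the write reached it. */
int survives(size_t n, int checked) {
    unsigned char mem[REGION_SIZE];
    frame_init(mem);
    if (checked)
        fill_checked(mem, n);
    else
        fill_unchecked(mem, n);
    return memcmp(mem + OFF_RET, &RET_ADDR, sizeof RET_ADDR) == 0;
}

int main(void) {
    printf("unchecked, 256 bytes: intact=%d\n", survives(256, 0));
    printf("unchecked, 512 bytes: intact=%d\n", survives(512, 0));
    printf("checked,   512 bytes: intact=%d\n", survives(512, 1));
    return 0;
}
```

In this model a 260-byte unchecked write already replaces the saved EBP while leaving the return address alone; the 261st byte is the first one to change it.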

That means when your PC tries to exceed the memory allocation required at your program's runtime. When there is not enough memory or it exceeds its maximum required space, the buffer overflow occurs.

2006-11-29 15:26:47 · answer #9 · answered by m_Fariz 3 · 0 0

my understanding of buffer overflows is as follows...

older languages like C (not c++ mind you) were able to allocate locations of the ram....

um...

ok lets pretend the following is the ram inside your computer...

slot1: data
slot2: open
slot3: open
slot4: open
slot5: data

You can tell the program to "fill up" the open "ram slots" (very quick and crude explanation) with information... as follows...


Send data to the open slots2-4....

so then the ram chip would visually look like this...

slot1: data-old
slot2: data-new
slot3: data-new
slot4: data-new
slot5: data-old


Now.. that is how C allocates ram to store variables...

now for the overflow... you tell the computer to fill up 2-4 with 5 data slots... it would look like this...

slot1: data-old
slot2: data-new
slot3: data-new
slot4: data-new
slot5: data- overwritten old data with new data

in the overwritten data you put a malicious script.


well that's my really quick explanation,... there is a lot more to it,.. this is my basic understanding..

hope this helps

2006-11-29 15:24:57 · answer #10 · answered by Anonymous · 0 0
