A buffer overflow is a type of computer security exploit which allows a program to perform functions that it is not designed to do. The responsibility for preventing the possibility of exploit lies in the programmer, however this requires proper planning and knowledge. While most programming courses teach proper coding techniques that prevent the possibility of a buffer overflow, coders who learn on their own tend to produce exploitable code. Thus, modern compilers have been designed to detect possible exploits and warn about them. Despite this, the compiler cannot be 100% efficient at catching exploits and proper coding guidelines must always be followed.
The buffer is a portion of the computers memory that is allocated for data storage. As the size of the buffer is determined before the data is available for entry, there is a danger that more data will be accepted by the program than had been allocated for its storage. Proper programming technique requires that the program check the size of data being entered, to ensure that it will fit in the buffer. If there is in fact too much data, then the program should return an error rather than try to write the data. If the program writes the data to the buffer anyway, the data will overflow its allocated space and rewrite areas of memory that were not allocated for it. In most random incidents, the rewritten data will be incompatible with the data previously in its place, and the program will crash. However, carefully crafted exploits can write data that is compatible with the data that it is replacing, and the program may then perform functions that it was not intended to perform.
A simple example of a buffer overflow exploit would be the case where user numbers and passwords are stored in a program's memory. There may be 2 characters available for the user number and 8 available for the password. Thus, if user #4 has the password "hello" and the user #5 has the password "goodbye", the buffer may appear like this:
04000hello050goodbye
Remember, we allocated 2 characters for the user number and 8 for the password, so the remaining space has been filled with zeros. If user #4 wants to access user #5's account, then he could change his own password to "000hello05birdpoop". A properly written program would detect that his new password is more than 8 characters long and would give him an error without making any changes. However, a poorly written program may not check his input, and try to overwrite the memory starting from the third space. It will overwrite user #4's password with the string "000hello", and continue writing. That means that user #5's user number will be overwritten with "05" and his password will be overwritten with "birdpoop". Now, the buffer looks like this:
04000hello05birdpoop
User #4 can log into the system as user #5 with the password "birdpoop", and user #5 cannot log in as he does not know the new password for his account.
Programming Security Technology Terminology Questions
7 more days...