Buffer Overflow

What is a Buffer?

A buffer is a region of memory (array or string) reserved to hold data. Example:

char sample[10];

How Buffer Overflow Works

1. Application reserves adjacent memory (buffer) to store arguments or variables
2. Attacker supplies an argument too long to fit in the buffer
3. Application copies the whole argument → overflows into adjacent memory
4. If conditions are right, attacker gains control over program flow and executes arbitrary code with the original application’s privileges

Code Example (Vulnerable):

void function(char *str) {
    char buffer[8];
    strcpy(buffer, str);  // No bounds checking!
}
void main() {
    char large_string[256];
    int i;
    for(i = 0; i < 255; i++)
        large_string[i] = 'A';
    function(large_string);  // Overflows buffer[8]
}

Why It’s Dangerous

• One of the most common software vulnerabilities
• Especially dangerous in system libraries and code running with high execution privileges

Buffer Overflow Defenses

Better software engineering practices:

• Safer functions (e.g., strncpy instead of strcpy)
• Code reviews

Other defense categories:

• Find-and-patch methods – discover and fix known overflows
• Language tools – use memory-safe languages (Java, Python)
• Analysis tools – static/dynamic code analysis
• Compiler tools – stack canaries, ASLR (Address Space Layout Randomization)
• Operating system tools – non-executable stack (NX bit), ASLR

6.3 Malicious Code (Malware)

Definition