Buffer Overflow

  • Buffer overflow happens when an unsafe buffer that reads in inputs goes outside the bounds of it’s intended memory address
  • It can be deadly because the stack can be overwritten
  • Can return an overwritten memory address by manipulating the eip register, which is the instruction pointer (next instruction)
  • It may be harder to overwrite local variables and less useful, since compiler optimization may not overwrite where you want it to.
  • Can also susceptible to shellcode exploits
  • Most compilers will check for this malicion. Memory address randomization + stack smashing checking. You may need to disable this for educational purposes.
  • Some outdated functions in C such as gets and strcpy are vulnerable!
  • Useful tools: gdb, objdump
  • Keywords: stack smashing comes first, followed by segmentation fault. Error may occur if you go out of bounds


Like this post? Subscribe for more.

Kevin Chow
Kevin Chow
Fledging Computer Scientist