Buffer Overflows — 0x01

n0auth
4 min read · Mar 15, 2019

This post first covers what a buffer overflow is and the difference between a stack and a heap buffer overflow. That understanding is a prerequisite for understanding how these flaws are exploited and a fundamental building block for information security.

Understanding Buffer Overflows

A buffer is a region of memory set aside to hold data. A buffer overflow occurs when data exceeds the allotted size of the buffer and spills into other memory areas within the program. Think of two 5L buckets standing next to one another as the buffers and water as the data: when one bucket is filled with more than 5L of water, the excess overflows into the other 5L bucket. This is an oversimplified analogy of a buffer overflow, but it illustrates the basic concept. Where these buffers are located determines the type of buffer overflow attack: either a stack buffer overflow or a heap buffer overflow.
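The bucket analogy, carried into working code as an added example (this is not code from the original post): two 5-byte buffers laid out back to back, an unchecked copy that lets excess input spill from the first into the second, and a bounds-checked copy that refuses the oversized input. Names such as `struct buckets`, `fill_unchecked` and `fill_checked` are assumptions for the demonstration; the spill is deliberately kept inside one struct so the program stays within defined behaviour, whereas in a real stack frame the neighbouring memory would be other locals or control data.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed model of the post's two-bucket analogy: two 5-byte buffers
 * laid out back to back, as adjacent local variables often are. */
#define BUCKET_SIZE 5

struct buckets {
    char first[BUCKET_SIZE];
    char second[BUCKET_SIZE];
};

/* Unchecked fill: pours len bytes into `first` without checking len.
 * Anything beyond BUCKET_SIZE spills into `second`. The copy goes through
 * a pointer to the whole struct so the spill stays inside one object
 * (a deliberate choice to keep the demonstration within defined behaviour).
 * Callers must keep len <= sizeof(struct buckets). */
static void fill_unchecked(struct buckets *b, const char *data, size_t len)
{
    memcpy((char *)b, data, len);
}

/* Checked fill: refuses any write larger than the bucket.
 * Returns 0 on success, -1 when the input would overflow. */
static int fill_checked(struct buckets *b, const char *data, size_t len)
{
    if (len > BUCKET_SIZE)
        return -1;
    memcpy(b->first, data, len);
    return 0;
}

/* Marks both buckets with '.', performs an unchecked copy of `len` bytes
 * of 'A', and returns how many bytes of `second` were overwritten. */
size_t bytes_spilled_unchecked(size_t len)
{
    struct buckets b;
    char data[sizeof b];
    size_t spilled = 0;

    memset(&b, '.', sizeof b);          /* '.' marks untouched bytes */
    memset(data, 'A', sizeof data);     /* constructed input: all 'A' */
    if (len > sizeof b)
        len = sizeof b;                 /* never leave the struct */

    fill_unchecked(&b, data, len);
    for (size_t i = 0; i < BUCKET_SIZE; i++)
        if (b.second[i] == 'A')
            spilled++;
    return spilled;
}

/* Same experiment with the checked fill. Returns 1 if the write was
 * rejected, 0 if it was accepted, and -2 if `second` was ever touched. */
int checked_fill_rejects(size_t len)
{
    struct buckets b;
    char data[sizeof b];

    memset(&b, '.', sizeof b);
    memset(data, 'A', sizeof data);
    if (len > sizeof b)
        len = sizeof b;

    int rc = fill_checked(&b, data, len);
    for (size_t i = 0; i < BUCKET_SIZE; i++)
        if (b.second[i] != '.')
            return -2;                  /* must never happen */
    return rc == -1;
}

int main(void)
{
    printf("unchecked, 5 bytes: %zu bytes spilled\n", bytes_spilled_unchecked(5));
    printf("unchecked, 8 bytes: %zu bytes spilled\n", bytes_spilled_unchecked(8));
    printf("checked,   8 bytes: rejected=%d\n", checked_fill_rejects(8));
    return 0;
}
```

Filling with exactly 5 bytes touches only the first bucket; 8 bytes through the unchecked path overwrite 3 bytes of the second bucket, which is the overflow the post describes, while the checked path rejects the same input and leaves the neighbour untouched.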

Stack Buffer Overflows

Memory Architecture

A stack buffer overflow attack is defined as, “when the targeted buffer is located on the stack, usually as a local variable in a function’s stack frame”.[1] In order to understand what a stack buffer overflow is, the stack must be examined and understood. As a program is initialized…

n0auth

Hacker | InfoSec | CTF-Player | OSCP | GWAPT | GCIH