September 24, 2020

GHR 113 – Buffer Overflows

Objectives:

  • RULE : A buffer is a contiguous block of memory of a fixed size that holds multiple instances of the same data type.
  • RULE : A buffer overflow occurs when you used more than was allocated, like stuffing 77 bytes into a 64 byte buffer.
  • RULE : The operating system also uses buffers and can be exploited.
  • RULE : When a programmer creates a variable, he is creating a buffer.
  • RULE : Different variable types use a different amount of  buffer space in memory.
  • RULE : The lower level programming languages, like Assembly, have almost no protection against buffer overflows since it operates really close to bare metal.
  • RULE : Object oriented programming languages, like C++ and Java, are susceptible to buffer overflows since they import many libraries, which in turn import other libraries.  If just one of those hundreds of libraries fails to check it’s boundaries a buffer overflow can occur.
  • RULE : Higher level programming languages are harder to create a buffer overflow situation, but not totally immune to them.
  • RULE : In general, application written in the lower the level programming languages are the most vulnerable to buffer overflows.
  • RULE : Processes are divided into three regions:
    1. Text – this region is fixed by the program and includes instructions and read-only data. This region corresponds to the text section of the executable file. If you attempt to write to a read-only region a segmentation violation occurs.
    2. Data – this region sits in between the Text and Stack regions and contains variables that may or may not have been initialized. Static variables are stored in this region.
    3. Stack – this region contains a “stack” of objects that use the property of Last In, First Out (a.k.a. LIFO) like a stack of poker chips.  It contains the return address when a instruction is received.  It also contains the contents of registers.  You PUSH data onto the stack and you POP it back off.
  • RULE :

Further research = Smash The Stack