Re: Buffer Overflow. What is it?
From: Bill Unruh (unruh_at_string.physics.ubc.ca)
Date: 05/24/04
- Previous message: Big Will: "Re: What is the difference between a worm and a trojan ?"
- In reply to: flap flop: "Re: Buffer Overflow. What is it?"
Date: Mon, 24 May 2004 21:14:42 +0000 (UTC)
"flap flop" <flap@home.net> writes:
]On Thu, 20 May 2004 00:24:53 +0000, Bill Unruh wrote:
]> tascienu@ecoaches.com (Tascien) writes:
]>
]> ]Hello,
]>
]> ]I saw so many buffer overflow attacks on Windows OS. Up to this time,
]> ]I don't understand how buffer overflow works???? Quite often on
][snip>
]> Why does the system allow writing beyond the end of an array? C does,
]> unless you use functions which do not. It is just bad programming. You
]> should always check the length of data you write to an array. But what
]> many will do is to allocate say 256 bytes for input data, and then
]> simply copy all the input data given to the routine into that array. If
]> the input data is 10496 bytes long, it will copy 10496 bytes into a 256
]> byte array. Instead of telling the system to only copy at most 256
]> bytes which a competent programmer would do.
]So, in case of damage due to malicious buffer overflow attacks, the
]software provider could be held liable?
Yes, but good luck doing so. Somehow the law of torts got suspended where
software was concerned. See the Year2000 fiasco for example. You had to pay
for their incompetence. If attacks damage your computer, the software
companies disclaim all responsibility. But charge you for upgrades.
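The unchecked copy Unruh describes (a 256-byte array handed 10496 bytes of input) beside the bounded version he says a competent programmer would write, as an added example that is not code from the thread; the function names, INPUT_BUF_SIZE and the constructed 10496-byte input are my own:

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define INPUT_BUF_SIZE 256   /* the "say 256 bytes" from the post */

/* The pattern the post criticises: copy whatever arrived, however long,
 * into a fixed 256-byte array. Bytes past 256 land in whatever memory
 * follows the array. Kept only for contrast and never called here. */
void unchecked_copy(char dst[INPUT_BUF_SIZE], const char *src, size_t src_len)
{
    memcpy(dst, src, src_len);       /* no comparison against INPUT_BUF_SIZE */
}

/* The bounded version: store at most INPUT_BUF_SIZE-1 bytes, keep a
 * terminating NUL, and tell the caller input was dropped so it can
 * reject the request instead of silently truncating it.
 * Returns the number of bytes actually stored. */
size_t bounded_copy(char dst[INPUT_BUF_SIZE], const char *src, size_t src_len,
                    bool *truncated)
{
    size_t n = src_len;
    *truncated = false;
    if (n > INPUT_BUF_SIZE - 1) {
        n = INPUT_BUF_SIZE - 1;
        *truncated = true;
    }
    memcpy(dst, src, n);
    dst[n] = '\0';
    return n;
}

/* Replays the post's scenario: a constructed 10496-byte input (all 'A')
 * offered to a 256-byte buffer. Returns how many bytes were kept. */
size_t handle_oversized_input(bool *truncated)
{
    enum { INPUT_LEN = 10496 };
    static char input[INPUT_LEN];
    char buf[INPUT_BUF_SIZE];
    memset(input, 'A', INPUT_LEN);
    return bounded_copy(buf, input, INPUT_LEN, truncated);
}

int main(void)
{
    bool truncated;
    size_t stored = handle_oversized_input(&truncated);
    printf("stored %zu of 10496 bytes, truncated=%d\n", stored, truncated);
    return 0;
}
```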