Buffer Overruns Explained

What are They?

Stack Overruns

Heap Overruns

Stack Overruns – How it Works

Stack Overrun – Arbitrary Code Execution HOWTO

Analysis

Upward Growing Stack

Heap Overruns – Until 2002

Heap Overruns – 2002 Edition

Heap Overruns – cont.

Known Dangerous Functions

Examples of Dangerous Usage: scanf and fscanf

scanf and fscanf vulnerabilities (cont.)

sprintf vulnerabilities

sprintf vulnerabilities (cont.)

str* functions

str* functions (cont.)

The “gets” Function

The “gets” Function (cont.)

Your Own Loops

Your Own Loops (cont.)

Cast Screwups

Further Reading

Next Meeting (in two weeks)

Available Online

Question Time