|Name ||Overflow Buffers |
|Summary ||Buffer Overflow attacks target improper or missing bounds checking on buffer operations, typically triggered by input injected by an attacker. As a consequence, an attacker is able to write past the boundaries of allocated buffer regions in memory, causing a program crash or potentially redirection of execution as per the attackers' choice. |
|Prerequisites ||Targeted software performs buffer operations.
Targeted software inadequately performs bounds-checking on buffer operations.
Attacker has the capability to influence the input to buffer operations. |
|Solutions ||Use a language or compiler that performs automatic bounds checking.
Use secure functions not vulnerable to buffer overflow.
If you have to use dangerous functions, make sure that you do boundary checking.
Compiler-based canary mechanisms such as StackGuard, ProPolice and the Microsoft Visual Studio /GS flag. Unless this provides automatic bounds checking, it is not a complete solution.
Use OS-level preventative functionality. Not a complete solution.
Utilize static source code analysis tools to identify potential buffer overflow weaknesses in the software. |
|CWE ID ||Description |
|CWE-19 || |
|CWE-119 ||Improper Restriction of Operations within the Bounds of a Memory Buffer |
|CWE-120 ||Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') |
|CWE-129 ||Improper Validation of Array Index |
|CWE-131 ||Incorrect Calculation of Buffer Size |
|CWE-680 || |
|CWE-805 ||Buffer Access with Incorrect Length Value |