An attacker typically provides input that exceeds the expected size. This could be through a text field in a user interface, a file that the
program reads, or data sent over a network. The insecure function processes this input and places the result into a provided buffer.
If the input is larger than the buffer can handle, the insecure function will overwrite the memory following the buffer. This situation is known as
a buffer overflow vulnerability.
When using typical C or C++ functions, it’s up to the developer to make sure the size of the buffer to be written to is large enough to avoid
buffer overflows.
What is the potential impact?
Code execution
In some cases, an attacker can craft input in a way that allows them to gain unauthorized access to your system. For example, they might be able to
overwrite a function’s return address in memory, causing your program to execute code of the attacker’s choosing. This could potentially give the
attacker full control over your system.
Denial of service
If an attacker can trigger a buffer overflow by providing oversized input, it can cause the program to crash. If the attacker repeats this process,
it can continually disrupt the service, denying access to other users. This can be particularly damaging for services that require high availability,
such as online platforms or databases.
In some cases, the input might cause the program to enter an infinite loop or consume excessive memory, slowing down the system or even causing it
to become unresponsive. This type of attack is known as a resource exhaustion DoS attack.
