|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
RE: Buffer Overflow
From: Preston, Tony (Tony.Preston
acs-inc.com)
Date: Wed Nov 05 2003 - 07:16:14 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
The simple answer is no. A buffer overflow would be where you have
something like:
char buffer[32];
....
gets(buffer);
....
The gets() function reads characters into the buffer from standard input.
There is no checks for buffer size. It really should be replaced with a bit
of code that does something like:
fgets(buffer, sizeof(buffer), stdin);
(and for good programming practice, you should check to make sure that the
buffer was not filled, i.e. make sure the user did not enter more characters
than the buffer will hold.
Because the gets() function does not check for the size, a user could
overfill the buffer (hence buffer overflow) and "possibly" trash the stack
in a way that will execute code that will allow the user to gain priviledge.
Tony Preston
Systems Engineer, AS&T Inc.
Division of L3 Corporation
(609) 485-0205 x 181
-----Original Message-----
From: pablo gietz [mailto:pablo.gietznuevobersa.com.ar]
Sent: Tuesday, November 04, 2003 1:53 PM
To: secprogsecurityfocus.com
Subject: Buffer Overflow
Hi Secprogrammers
Here my stupid question.
If I compile my final build with the checkboxes:
- Range checking ( Checks that array and string subscripts are within
bounds. Corresponds to {$R}) .
- I/O checking (Checks for I/O errors after every I/O call.
Corresponds to {$I}.)
- Overflow checking ( Checks overflow for integer operations.
Corresponds to {$Q}.)
checked . Could this minimize the possibility of occurrences of buffer
overflows or other similar security holes?
Thanks
--
Pablo A. C. Gietz
Jefe de Seguridad Informática
Nuevo Banco de Entre Ríos S.A.
Te.: 0343 - 4201351
Fax: 0343 - 4201329
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]