Buffer overflow

In programming and information security, a buffer overflow or buffer overrun is an anomaly whereby a program writes data to a buffer beyond the buffer's allocated memory, overwriting adjacent memory locations. Buffers are areas of memory set aside to hold data, often while moving it from one section of a program to another, or between programs. Buffer overflows can often be triggered by malformed inputs; if one assumes all inputs will be smaller than a certain size and the buffer is created to be that size, then an anomalous transaction that produces more data could cause it to write past the end of the buffer. If this overwrites adjacent data or executable code, this may result in erratic program behavior, including memory access errors, incorrect results, and crashes. Exploiting the behavior of a buffer overflow is a well-known security exploit. On many systems, the memory layout of a program, or the system as a whole, is well defined. By sending in data designed to cause a buffe

About this result

This page is automatically generated and may contain information that is not correct, complete, up-to-date, or relevant to your search query. The same applies to every other page on this website. Please make sure to verify the information with EPFL's official sources.

Related publications

Related people

Related units

Related concepts

Related courses

Related lectures

Summary

Official source

About this result

Related publications (21)

Related publications

Related people (1)

Related people

Related units (2)

Related units

Related concepts (71)

Related concepts

Related courses (17)

Related courses

Related lectures (49)

Related lectures

Reducing Buffer Space in Multipath Schemes

Maysam Yabandeh, Sajjad Zarifzadeh

One major drawback of multipath transferring schemes, which is inspired by the usage of different paths with diverse delays, is the emergence of reordering among packets of a flow. This reordering brings some substantial problems (like larger delay and buffer space) to the transport applications. In this paper, we present a novel UDP-based multipath scheme for in-order delivery to the receiver by scheduling of packets among multiple paths. This method imposes the minimum possible delay and a small buffer space on the receiver’s application. We theoretically prove the optimality of the proposed method. Finally, through simulation experiments, we show that the performance of our multipath method is comparable with the best-case one-path transmission with aggregated bandwidth.

2008

We present a preliminary study of buffer overflow vulnerabilities in CUDA software running on GPUs. We show how an attacker can overrun a buffer to corrupt sensitive data or steer the execution flow by overwriting function pointers, e.g., manipulating the virtual table of a C++ object. In view of a potential mass market diffusion of GPU accelerated software this may be a major concern.

Springer France2015

Destination buffer analysis for packets rejection obliteration in multi-channel networks

Georgia Fragkouli

In this paper we study a multi-channel network, each station of which is equipped with a network interface that has a receiver buffer of multiple packets. In this way, each station is able to receive multiple packets per time instant. We adopt a synchronous access protocol which is affected by the collisions over the multiple channels and the destination conflicts. The proposed protocol performance crucially depends on the size of the receiver buffer since it determines the packet rejection probability at destination. An analytical probabilistic model based on a Markovian process is adopted for the performance measures derivation by means of closed mathematical formulas. The proposed protocol is compared to relative ones that either totally ignore the receiver collisions or assume a receiver buffer of a single packet capacity. The numerical results show that the increase of the receiver buffer size improves the performance decisively, resulting in higher throughput and lower delay and rejection probability. Also, it is shown that the appropriate receiver buffer size per station in order for the rejections at destination to be effectively eliminated is not unlimited but is limited to three packets for 0.1% accepted maximum level of rejection probability. (C) 2019 The Franklin Institute. Published by Elsevier Ltd. All rights reserved.

2019

COM-402: Information security and privacy

This course provides an overview of information security and privacy topics. It introduces students to the knowledge and tools they will need to deal with the security/privacy challenges they are likely to encounter in today's Big Data world. The tools are illustrated with relevant applications.

CS-207: System oriented programming

Cours de programmation en langage C se focalisant sur l'utilisation des ressources système, en particulier la gestion de la mémoire (pointeurs).

CS-412: Software security

This course focuses on software security fundamentals, secure coding guidelines and principles, and advanced software security concepts. Students learn to assess and understand threats, learn how to design and implement secure software systems, and get hands-on experience with security pitfalls.

Pointer (computer programming)

In computer science, a pointer is an object in many programming languages that stores a memory address. This can be that of another value located in computer memory, or in some cases, that of memory

C (programming language)

C (pronounced 'siː – like the letter c) is a general-purpose computer programming language. It was created in the 1970s by Dennis Ritchie, and remains very widely used and influential. By design, C's

Vulnerability (computing)

Vulnerabilities are flaws in a computer system that weaken the overall security of the device/system. Vulnerabilities can be weaknesses in either the hardware itself, or the software that runs on the