→Buffer Overflow Prevention: fix caps+missing hyphen and more
Line 37:
</syntaxhighlight>In the above code snippet, the program attempts to copy the contents of '''''src''''' into '''''dst,''''' while also checking the return value of malloc to ensure that enough memory was able to be allocated for the destination buffer.
== Format-string
A [[Format string attacks|Format String Attack]] is when a malicious user supplies specific inputs that will eventually be entered as an argument to a function that performs formatting, such as [[printf()]]. The attack involves the adversary reading from or writing to the [[Call stack|stack]].
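Review bot: The piped link text "Format String Attack" is still title-cased in the middle of a sentence, which is at odds with a "fix caps" edit; "[[Format string attacks|format string attack]]" would match the sentence case used for "[[Call stack|stack]]" in the same paragraph. In the sentence after the closing syntaxhighlight tag, the comma is inside the bold-italic markup ('''''dst,'''''), so it renders emphasized; move it outside the quotes. "to ensure that enough memory was able to be allocated" is also wordy, and "to confirm that the allocation for the destination buffer succeeded" says the same thing. As shown here, the heading "== Format-string" has no closing "==", so check that the heading line is balanced in the saved revision.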
Line 46:
</syntaxhighlight>A malicious argument passed to the program could be “%s%s%s%s%s%s%s”, which can crash the program from improper memory reads.
== Integer-overflow
[[Integer overflow]] occurs when an arithmetic operation results in an integer too large to be represented within the available space. A program which does not properly check for integer overflow introduces potential software bugs and exploits.
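Review bot: The example argument in the sentence after the closing syntaxhighlight tag is wrapped in typographic quotes (“%s%s%s%s%s%s%s”); since it is literal program input, it should be marked up as code rather than quoted prose, so the quote characters are not read as part of the string. "which can crash the program from improper memory reads" would read better as "which can crash the program by causing invalid memory reads". In the integer-overflow paragraph, "A program which does not properly check" is a restrictive clause and should use "that". The heading "== Integer-overflow" also appears here without its closing "==".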