Buffer overflow and format string overflow vulnerabilities
Buffer overflow vulnerabilities are among the most widespread of security problems. Numerous incidents of buffer overflow attacks have been reported and many solutions have been proposed, but a solution that is both complete and highly practical is yet to be found. Another kind of vulnerability call...
Gespeichert in:
| Veröffentlicht in: | Software, practice & experience practice & experience, 2003-04, Vol.33 (5), p.423-460 |
|---|---|
| Hauptverfasser: | , |
| Format: | Artikel |
| Sprache: | eng |
| Schlagworte: | |
| Online-Zugang: | Volltext |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
| container_end_page | 460 |
|---|---|
| container_issue | 5 |
| container_start_page | 423 |
| container_title | Software, practice & experience |
| container_volume | 33 |
| creator | Lhee, Kyung-Suk Chapin, Steve J. |
| description | Buffer overflow vulnerabilities are among the most widespread of security problems. Numerous incidents of buffer overflow attacks have been reported and many solutions have been proposed, but a solution that is both complete and highly practical is yet to be found. Another kind of vulnerability called format string overflow has recently been found and although not as widespread as buffer overflow, format string overflow attacks are no less dangerous.
This article surveys representative techniques of exploiting buffer overflow and format string overflow vulnerabilities and their currently available defensive measures. We also describe our buffer overflow detection technique that range checks the referenced buffers at run‐time. We augment executable files with the type information of automatic buffers (local variables and parameters of functions) and static buffers (global variables in the data/bss section) and maintain the sizes of allocated heap buffers in order to detect an actual occurrence of buffer overflow. We describe a simple implementation with which we currently protect vulnerable copy functions in the C library. Copyright © 2003 John Wiley & Sons, Ltd. |
| doi_str_mv | 10.1002/spe.515 |
| format | Article |
| fullrecord | <record><control><sourceid>proquest_cross</sourceid><recordid>TN_cdi_proquest_miscellaneous_27799116</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>27799116</sourcerecordid><originalsourceid>FETCH-LOGICAL-c3615-bc33ae064cf0474d63ccef8cd62d74f800f9a9b2e3790791a40f3ea52e9299be3</originalsourceid><addsrcrecordid>eNp10D1PwzAQgGELgUQpiL-QCQaUcraTuGaDqi1IFVA-RDfLSc7IkCbFTlr67wkKgonphnt0J72EHFMYUAB27lc4iGm8Q3oUpAiBRYtd0gPgwxCSKNonB96_AVAas6RHLq4aY9AF1RqdKapNoMs8MJVb6jrwtbPl699q3RQlOp3awtYW_SHZM7rwePQz--R5Mn4aXYezu-nN6HIWZjyhcZhmnGtsX2cGIhHlCc8yNMMsT1guIjMEMFLLlCEXEoSkOgLDUccMJZMyRd4nJ93dlas-GvS1WlqfYVHoEqvGKyaElJQmLTztYOYq7x0atXJ2qd1WUVDfbVTbRrVtWnnWyY0tcPsfU4_3406Hnba-xs9frd27SgQXsXq5nSo6n3D2MF-oW_4Fzmx0ng</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>27799116</pqid></control><display><type>article</type><title>Buffer overflow and format string overflow vulnerabilities</title><source>Access via Wiley Online Library</source><creator>Lhee, Kyung-Suk ; Chapin, Steve J.</creator><creatorcontrib>Lhee, Kyung-Suk ; Chapin, Steve J.</creatorcontrib><description>Buffer overflow vulnerabilities are among the most widespread of security problems. Numerous incidents of buffer overflow attacks have been reported and many solutions have been proposed, but a solution that is both complete and highly practical is yet to be found. Another kind of vulnerability called format string overflow has recently been found and although not as widespread as buffer overflow, format string overflow attacks are no less dangerous.
This article surveys representative techniques of exploiting buffer overflow and format string overflow vulnerabilities and their currently available defensive measures. We also describe our buffer overflow detection technique that range checks the referenced buffers at run‐time. We augment executable files with the type information of automatic buffers (local variables and parameters of functions) and static buffers (global variables in the data/bss section) and maintain the sizes of allocated heap buffers in order to detect an actual occurrence of buffer overflow. We describe a simple implementation with which we currently protect vulnerable copy functions in the C library. Copyright © 2003 John Wiley & Sons, Ltd.</description><identifier>ISSN: 0038-0644</identifier><identifier>EISSN: 1097-024X</identifier><identifier>DOI: 10.1002/spe.515</identifier><language>eng</language><publisher>Chichester, UK: John Wiley & Sons, Ltd</publisher><subject>array and pointer range checking ; buffer overflow ; ELF ; format string overflow ; Linux</subject><ispartof>Software, practice & experience, 2003-04, Vol.33 (5), p.423-460</ispartof><rights>Copyright © 2003 John Wiley & Sons, Ltd.</rights><lds50>peer_reviewed</lds50><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed><citedby>FETCH-LOGICAL-c3615-bc33ae064cf0474d63ccef8cd62d74f800f9a9b2e3790791a40f3ea52e9299be3</citedby><cites>FETCH-LOGICAL-c3615-bc33ae064cf0474d63ccef8cd62d74f800f9a9b2e3790791a40f3ea52e9299be3</cites></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktopdf>$$Uhttps://onlinelibrary.wiley.com/doi/pdf/10.1002%2Fspe.515$$EPDF$$P50$$Gwiley$$H</linktopdf><linktohtml>$$Uhttps://onlinelibrary.wiley.com/doi/full/10.1002%2Fspe.515$$EHTML$$P50$$Gwiley$$H</linktohtml><link.rule.ids>314,780,784,1417,27924,27925,45574,45575</link.rule.ids></links><search><creatorcontrib>Lhee, Kyung-Suk</creatorcontrib><creatorcontrib>Chapin, Steve J.</creatorcontrib><title>Buffer overflow and format string overflow vulnerabilities</title><title>Software, practice & experience</title><addtitle>Softw: Pract. Exper</addtitle><description>Buffer overflow vulnerabilities are among the most widespread of security problems. Numerous incidents of buffer overflow attacks have been reported and many solutions have been proposed, but a solution that is both complete and highly practical is yet to be found. Another kind of vulnerability called format string overflow has recently been found and although not as widespread as buffer overflow, format string overflow attacks are no less dangerous.
This article surveys representative techniques of exploiting buffer overflow and format string overflow vulnerabilities and their currently available defensive measures. We also describe our buffer overflow detection technique that range checks the referenced buffers at run‐time. We augment executable files with the type information of automatic buffers (local variables and parameters of functions) and static buffers (global variables in the data/bss section) and maintain the sizes of allocated heap buffers in order to detect an actual occurrence of buffer overflow. We describe a simple implementation with which we currently protect vulnerable copy functions in the C library. Copyright © 2003 John Wiley & Sons, Ltd.</description><subject>array and pointer range checking</subject><subject>buffer overflow</subject><subject>ELF</subject><subject>format string overflow</subject><subject>Linux</subject><issn>0038-0644</issn><issn>1097-024X</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2003</creationdate><recordtype>article</recordtype><recordid>eNp10D1PwzAQgGELgUQpiL-QCQaUcraTuGaDqi1IFVA-RDfLSc7IkCbFTlr67wkKgonphnt0J72EHFMYUAB27lc4iGm8Q3oUpAiBRYtd0gPgwxCSKNonB96_AVAas6RHLq4aY9AF1RqdKapNoMs8MJVb6jrwtbPl699q3RQlOp3awtYW_SHZM7rwePQz--R5Mn4aXYezu-nN6HIWZjyhcZhmnGtsX2cGIhHlCc8yNMMsT1guIjMEMFLLlCEXEoSkOgLDUccMJZMyRd4nJ93dlas-GvS1WlqfYVHoEqvGKyaElJQmLTztYOYq7x0atXJ2qd1WUVDfbVTbRrVtWnnWyY0tcPsfU4_3406Hnba-xs9frd27SgQXsXq5nSo6n3D2MF-oW_4Fzmx0ng</recordid><startdate>20030425</startdate><enddate>20030425</enddate><creator>Lhee, Kyung-Suk</creator><creator>Chapin, Steve J.</creator><general>John Wiley & Sons, Ltd</general><scope>BSCLL</scope><scope>AAYXX</scope><scope>CITATION</scope><scope>8FD</scope><scope>F28</scope><scope>FR3</scope></search><sort><creationdate>20030425</creationdate><title>Buffer overflow and format string overflow vulnerabilities</title><author>Lhee, Kyung-Suk ; Chapin, Steve J.</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c3615-bc33ae064cf0474d63ccef8cd62d74f800f9a9b2e3790791a40f3ea52e9299be3</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2003</creationdate><topic>array and pointer range checking</topic><topic>buffer overflow</topic><topic>ELF</topic><topic>format string overflow</topic><topic>Linux</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Lhee, Kyung-Suk</creatorcontrib><creatorcontrib>Chapin, Steve J.</creatorcontrib><collection>Istex</collection><collection>CrossRef</collection><collection>Technology Research Database</collection><collection>ANTE: Abstracts in New Technology & Engineering</collection><collection>Engineering Research Database</collection><jtitle>Software, practice & experience</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Lhee, Kyung-Suk</au><au>Chapin, Steve J.</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>Buffer overflow and format string overflow vulnerabilities</atitle><jtitle>Software, practice & experience</jtitle><addtitle>Softw: Pract. Exper</addtitle><date>2003-04-25</date><risdate>2003</risdate><volume>33</volume><issue>5</issue><spage>423</spage><epage>460</epage><pages>423-460</pages><issn>0038-0644</issn><eissn>1097-024X</eissn><abstract>Buffer overflow vulnerabilities are among the most widespread of security problems. Numerous incidents of buffer overflow attacks have been reported and many solutions have been proposed, but a solution that is both complete and highly practical is yet to be found. Another kind of vulnerability called format string overflow has recently been found and although not as widespread as buffer overflow, format string overflow attacks are no less dangerous.
This article surveys representative techniques of exploiting buffer overflow and format string overflow vulnerabilities and their currently available defensive measures. We also describe our buffer overflow detection technique that range checks the referenced buffers at run‐time. We augment executable files with the type information of automatic buffers (local variables and parameters of functions) and static buffers (global variables in the data/bss section) and maintain the sizes of allocated heap buffers in order to detect an actual occurrence of buffer overflow. We describe a simple implementation with which we currently protect vulnerable copy functions in the C library. Copyright © 2003 John Wiley & Sons, Ltd.</abstract><cop>Chichester, UK</cop><pub>John Wiley & Sons, Ltd</pub><doi>10.1002/spe.515</doi><tpages>38</tpages><oa>free_for_read</oa></addata></record> |
| fulltext | fulltext |
| identifier | ISSN: 0038-0644 |
| ispartof | Software, practice & experience, 2003-04, Vol.33 (5), p.423-460 |
| issn | 0038-0644 1097-024X |
| language | eng |
| recordid | cdi_proquest_miscellaneous_27799116 |
| source | Access via Wiley Online Library |
| subjects | array and pointer range checking buffer overflow ELF format string overflow Linux |
| title | Buffer overflow and format string overflow vulnerabilities |
| url | https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2024-12-26T23%3A56%3A50IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_cross&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Buffer%20overflow%20and%20format%20string%20overflow%20vulnerabilities&rft.jtitle=Software,%20practice%20&%20experience&rft.au=Lhee,%20Kyung-Suk&rft.date=2003-04-25&rft.volume=33&rft.issue=5&rft.spage=423&rft.epage=460&rft.pages=423-460&rft.issn=0038-0644&rft.eissn=1097-024X&rft_id=info:doi/10.1002/spe.515&rft_dat=%3Cproquest_cross%3E27799116%3C/proquest_cross%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=27799116&rft_id=info:pmid/&rfr_iscdi=true |