How a Buffer Overflow Works (wikipedia.org)
17 points by ccarpenterg on April 1, 2009 | 6 comments

The obligatory Aleph One article:

"Smashing the stack for fun and profit" http://www.phrack.com/issues.html?issue=49&id=14&mod...

Hideous. A much better HN description is the Wikipedia page: http://en.wikipedia.org/wiki/Buffer_overflow

The link has now been changed to the Wikipedia one, so I'm not sure what was "hideous", but if it was the animated thing on Wired...I agree it's not for HN readers, but I actually sent that link to a few non-techies. So it's useful to us in that regard.

It's pretty easy to avoid. Just use a string class. Or check buffer length for things like URLs.

For format printing, I wrote a custom lsprintf (limit string printf) which has as its first argument, the maximum length of the string. lsprintf will never overwrite past that.

I'm surprised sprintf isn't mentioned in this.
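Added example, not code from any commenter: a bounded formatter in the shape the "lsprintf" comment describes (length limit as the first argument, so the call can never write past it) next to a length-checked copy of an untrusted string such as a URL. Both function names, `lsprintf` and `copy_bounded`, and their signatures are this example's own assumptions; the commenter's actual implementation is not on the page.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical bounded formatter modelled on the comment above.
 * `limit` is the size of dst in bytes, including room for the NUL.
 * vsnprintf never writes more than `limit` bytes, so the buffer cannot
 * be overrun; the return value is the length the full output would have
 * needed, so a result >= limit tells the caller the output was cut. */
int lsprintf(size_t limit, char *dst, const char *fmt, ...)
{
    va_list ap;
    int needed;

    if (dst == NULL || limit == 0)
        return -1;                       /* nothing safe to write into */

    va_start(ap, fmt);
    needed = vsnprintf(dst, limit, fmt, ap);
    va_end(ap);
    return needed;
}

/* Length-checked copy of an untrusted string into a fixed-size buffer.
 * Assumed helper: returns 1 if the whole string (plus NUL) fits and was
 * copied, 0 if it was rejected as too long. memchr is bounded by dst_size,
 * so an unterminated input is never scanned past the buffer size either. */
int copy_bounded(char *dst, size_t dst_size, const char *src)
{
    const char *nul;
    size_t len;

    if (dst == NULL || src == NULL || dst_size == 0)
        return 0;

    nul = memchr(src, '\0', dst_size);   /* look for the terminator within dst_size bytes */
    if (nul == NULL)
        return 0;                        /* too long to fit with its NUL: reject */

    len = (size_t)(nul - src);
    memcpy(dst, src, len + 1);           /* len < dst_size, so this stays in bounds */
    return 1;
}

int main(void)
{
    char small[8];
    char url[16];

    /* Constructed inputs: the first output needs 10 chars but only 7 + NUL fit. */
    int needed = lsprintf(sizeof small, small, "%s", "0123456789");
    printf("lsprintf wrote \"%s\" (needed %d, limit %zu)\n", small, needed, sizeof small);

    if (copy_bounded(url, sizeof url, "http://x.y/"))
        printf("copied \"%s\"\n", url);
    if (!copy_bounded(url, sizeof url, "http://example.com/very/long/path"))
        printf("rejected over-long URL instead of overflowing\n");
    return 0;
}
```

The useful habit here is checking the return value of the bounded call: silent truncation is not an overflow, but it is still a bug (a cut URL or log line), and the `needed >= limit` comparison is what turns it into an explicit error path.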

A little too simple for most of us on HN, but this would be a great teaching tool for computer science classes.

Here is a great computer science class that covered buffer overflows extensively: http://cr.yp.to/2004-494.html
