App Vulnerabilities + Controls
Let's discuss some general app vulnerabilities:
- Buffer Overflow: A buffer is essentially an array. Some lower-level languages, such as C and C++, don't check whether the programmer stays within the boundaries of the declared array. That is, a programmer can access a memory location beyond the array they declared without the language raising any error. This situation is called a buffer overflow.
Example: The program at BufferOverflow.c introduces a buffer overflow.
Question: on which code line does the overflow occur?
You can compile this program on any device by typing:
gcc -o BufferOverflow BufferOverflow.c
in the command prompt / terminal, and then execute it by typing:
./BufferOverflow on a Mac/Linux computer, or BufferOverflow.exe on a Windows computer.
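To see what the missing bounds check described above costs, the following added example (not the BufferOverflow.c program referenced on this page) copies an oversized input into an 8-byte array that sits next to an unrelated field, first without and then with a length check. The names `record`, `copy_unchecked`, `copy_checked` and `demo` are hypothetical, and the input is constructed.

```c
#include <stdio.h>
#include <string.h>

#define NAME_LEN 8

/* Constructed record: a fixed-size buffer followed by an unrelated field. */
struct record {
    char name[NAME_LEN];
    int  is_admin;
};

/* Unchecked copy: trusts the caller's length, as strcpy() trusts its input.
   Bytes go through a pointer to the whole record, so the effect is
   deterministic as long as n <= sizeof(struct record). */
void copy_unchecked(struct record *r, const char *src, size_t n) {
    unsigned char *dst = (unsigned char *)r;   /* name[] is at offset 0 */
    for (size_t i = 0; i < n; i++)
        dst[i] = (unsigned char)src[i];        /* never compared to NAME_LEN */
}

/* Checked copy: rejects input that does not fit, leaving room for the NUL. */
int copy_checked(struct record *r, const char *src, size_t n) {
    if (n >= NAME_LEN)
        return -1;
    memcpy(r->name, src, n);
    r->name[n] = '\0';
    return 0;
}

/* Returns is_admin after copying an input as large as the whole record. */
int demo(int checked) {
    struct record r = { "", 0 };
    char input[sizeof r];
    memset(input, 'A', sizeof input);          /* constructed oversized input */
    if (checked)
        copy_checked(&r, input, sizeof input);
    else
        copy_unchecked(&r, input, sizeof input);
    return r.is_admin;
}

int main(void) {
    printf("unchecked: is_admin = %#x\n", (unsigned)demo(0));
    printf("checked:   is_admin = %#x\n", (unsigned)demo(1));
    return 0;
}
```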