App Vulnerabilities + Controls

  1. Exploiting a buffer overflow flaw is not trivial: an attacker first has to find the flaw somewhere in a program, and then plan the input carefully, including how much data to overwrite and what malicious code to insert. Operating systems may also deploy countermeasures such as non-executable stacks (regions of main memory marked so that the CPU refuses to execute instructions stored there), which prevent injected code from running directly and so raise the effort required on the attacker's side.

    Besides exceeding array boundaries, as witnessed in the previous C program, another common source of buffer overflows is the use of C string functions such as strcpy(), gets(), sprintf(), and strcat(), which perform no bounds checking: they keep reading or writing until they hit a terminating NUL (or, for gets(), a newline), no matter how small the destination buffer is. This is only a partial list of such functions in C; gets() in particular cannot be used safely at all and was removed from the language in the C11 standard.

    Thankfully, C also provides bounded alternatives: strncpy(), fgets(), snprintf(), and strncat(). Each takes a count, n, limiting how many characters may be read, written, or copied, so the destination is not exceeded as long as n is chosen correctly (this count is why the names of some of these functions contain the extra letter 'n'). They are not foolproof, though: strncpy() does not NUL-terminate the destination when the source is n characters or longer; strncat()'s n is the number of characters to append, not the size of the destination, so it has to be computed from the space remaining; snprintf() silently truncates and signals this only through its return value (the length the full output would have needed); and fgets() leaves the remainder of an over-long line in the input stream. It is, therefore, advisable to use these bounded versions in your coding, to pass the right n, and to check their results.
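    The following program is an added example, not code from the original page: it places the unbounded strcpy() pattern next to correctly used bounded replacements (strncpy() with an explicit terminator, strncat() with the remaining room computed, snprintf() with its return value checked, and fgets() with over-long lines drained). The 16-byte buffer size, the function names, and the over-long input string are all constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Deliberately small buffers so the truncation paths are easy to hit. */
#define NAME_LEN 16

/* Unsafe pattern: strcpy() copies until it finds a NUL in src, regardless of
 * how big dst is. A src of NAME_LEN or more bytes overruns name[] and
 * whatever follows it on the stack. Shown for contrast; never called here. */
void greet_unsafe(const char *src)
{
    char name[NAME_LEN];
    strcpy(name, src);          /* no bound: classic stack buffer overflow */
    printf("hello %s\n", name);
}

/* Bounded copy. strncpy() stops after dstsz-1 bytes but leaves dst
 * unterminated when src is that long or longer, so the NUL is written
 * explicitly. Returns 1 if src fit completely, 0 if it was truncated. */
int bounded_copy(char *dst, size_t dstsz, const char *src)
{
    if (dstsz == 0) return 0;
    strncpy(dst, src, dstsz - 1);
    dst[dstsz - 1] = '\0';
    return strlen(src) < dstsz;
}

/* Bounded append. strncat()'s n is the maximum number of bytes taken from
 * src, NOT the size of dst, so it must be derived from the space left.
 * Returns 1 if all of src was appended, 0 if truncated or dst is unusable. */
int bounded_append(char *dst, size_t dstsz, const char *src)
{
    const char *end = memchr(dst, '\0', dstsz);
    if (end == NULL) return 0;              /* dst is not NUL-terminated */
    size_t used = (size_t)(end - dst);
    size_t room = dstsz - used - 1;         /* bytes available before the NUL */
    strncat(dst, src, room);                /* strncat() always terminates */
    return strlen(src) <= room;
}

/* Bounded formatting. snprintf() writes at most dstsz bytes including the
 * NUL and returns the length the full output WOULD have had, so a result
 * >= dstsz means the output was truncated. Returns 1 if it fit, else 0. */
int bounded_format(char *dst, size_t dstsz, const char *user, int id)
{
    int need = snprintf(dst, dstsz, "user=%s id=%d", user, id);
    return need >= 0 && (size_t)need < dstsz;
}

/* Bounded line read. fgets() stores at most bufsz-1 bytes plus a NUL, so the
 * buffer cannot overflow, but the rest of an over-long line stays in the
 * stream and would be returned as the *next* line. Strip the newline and
 * drain any leftover input. Returns the stored length, or -1 at EOF/error. */
long read_line(char *buf, size_t bufsz, FILE *fp)
{
    if (fgets(buf, (int)bufsz, fp) == NULL) return -1;
    size_t len = strlen(buf);
    if (len > 0 && buf[len - 1] == '\n') {
        buf[--len] = '\0';
    } else {                                /* line did not fit: discard the rest */
        int c;
        while ((c = fgetc(fp)) != EOF && c != '\n')
            ;
    }
    return (long)len;
}

int main(void)
{
    char name[NAME_LEN];
    char line[NAME_LEN];
    /* Constructed attacker-style input, twice the size of the buffers. */
    const char *long_input = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA";

    printf("copy fit=%d -> \"%s\"\n",
           bounded_copy(name, sizeof name, long_input), name);
    bounded_copy(name, sizeof name, "alice");
    printf("append fit=%d -> \"%s\"\n",
           bounded_append(name, sizeof name, "@example.org"), name);
    printf("format fit=%d -> \"%s\"\n",
           bounded_format(line, sizeof line, long_input, 7), line);

    /* Feed the bounded reader two constructed lines through a temp file. */
    FILE *fp = tmpfile();
    if (fp != NULL) {
        fputs(long_input, fp);
        fputs("\nshort\n", fp);
        rewind(fp);
        long n;
        while ((n = read_line(line, sizeof line, fp)) >= 0)
            printf("line len=%ld -> \"%s\"\n", n, line);
        fclose(fp);
    }
    return 0;
}
```

    Every bounded helper returns whether the data fit, because truncation is itself a bug class (a silently cut-off path or username can change what a later check sees); callers should treat a 0 result as an error rather than carry on with the shortened string.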