Linux Today: Linux News On Internet Time.

Linux buffer overflow issues on Power-based systems

Jan 08, 2009, 10:30
(Other stories by Ramon De Carvalho Valle)


"Let's start with a quick review of buffer overflows. A buffer overflow, or buffer overrun, occurs when a process attempts to store data beyond the boundaries of a fixed-length buffer. The result is that the extra data overwrites adjacent memory locations. The overwritten data can include other buffers, variables, program flow data, etc. Overwriting this data can cause such problems as erratic program behavior, memory-access exceptions, program terminations of the crash variety, the wrong returned results, or the most dangerous thing for systems integrity: a breach of security.

"Buffer overflows cause many software weaknesses and, therefore, are the basis of malicious exploits. C/C++ systems are especially prone to overflows. They provide no built-in protection to stop accessing or overwriting data in any part of memory, and they don't automatically check that data written to a built-in buffer array is within the boundaries of that array. That's why you should always support a system that does bounds checking, either by you or by the compiler and runtime."
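The adjacent-memory overwrite the excerpt describes, next to a bounds-checked copy, as an added example that is not from the quoted article. The `record` struct, its `is_admin` field, both store functions and the 9-byte input are constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed record: a fixed-length buffer followed by other program data. */
struct record {
    char name[8];
    unsigned char is_admin;    /* adjacent data the input must never reach */
    unsigned char reserved[7];
};

/* Constructed input: 9 bytes destined for an 8-byte buffer. */
static const unsigned char INPUT[] = { 'A','A','A','A','A','A','A','A', 0x01 };

/* Unchecked copy: trusts the caller's length, as C does by default.
 * The write goes through a byte pointer to the whole struct so the spill
 * into the neighbouring field is well-defined and observable here; in a
 * real program the neighbour is whatever happens to be placed next. */
static void store_unchecked(struct record *r, const void *src, size_t len)
{
    unsigned char *dst = (unsigned char *)r + offsetof(struct record, name);
    memcpy(dst, src, len);
}

/* Bounds-checked copy: rejects oversized input and leaves the record untouched. */
static int store_checked(struct record *r, const void *src, size_t len)
{
    if (len > sizeof r->name)
        return -1;
    memcpy(r->name, src, len);
    return 0;
}

/* Returns is_admin after the unchecked store (the ninth byte lands in it). */
int demo_unchecked(void)
{
    struct record r;
    memset(&r, 0, sizeof r);
    store_unchecked(&r, INPUT, sizeof INPUT);
    return r.is_admin;
}

/* Returns 1 when the checked store refused the input and is_admin stayed 0. */
int demo_checked(void)
{
    struct record r;
    memset(&r, 0, sizeof r);
    return store_checked(&r, INPUT, sizeof INPUT) == -1 && r.is_admin == 0;
}

int main(void)
{
    printf("unchecked: is_admin=%d\n", demo_unchecked());
    printf("checked:   rejected=%d\n", demo_checked());
    return 0;
}
```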
