Which of the following best describes a buffer overflow attack?
Think about what happens when a program writes more data than a buffer can hold.
A buffer overflow attack happens when a program writes more data to a buffer than it can hold, causing the extra data to overwrite adjacent memory. This can lead to unexpected behavior or security vulnerabilities.
What is a common programming mistake that leads to buffer overflow vulnerabilities?
Consider what happens if input data is longer than the buffer size.
Not checking the length of input before copying it into a fixed-size buffer can cause data to overflow the buffer, leading to vulnerabilities.
What is a likely result if a buffer overflow overwrites a program's return address on the stack?
Think about what happens when the return address points somewhere unexpected.
If the return address on the stack is overwritten, the program may jump to an attacker-controlled location, allowing execution of malicious code.
What is the main purpose of stack canaries in preventing buffer overflow attacks?
Consider how a program can know if its stack was tampered with.
Stack canaries are special values placed before the return address. If a buffer overflow overwrites the stack, the canary value changes, allowing the program to detect the attack and stop execution.
Given the two functions strcpy() and strncpy(), why is strncpy() considered safer for preventing buffer overflows?
Think about how limiting copied data size helps avoid overflow.
strncpy() allows specifying the maximum number of characters to copy, which helps prevent writing beyond the buffer size if used properly. strcpy() does not check length and can cause overflow.