Tracking system bugs: why are buffer overruns still around?

  • Authors: Cherry Keahey Owen
  • Affiliations: University of Texas of the Permian Basin, Odessa, TX
  • Venue: Proceedings of the 35th annual ACM SIGUCCS fall conference
  • Year: 2007


Abstract

A buffer overrun is caused by the limited size of a string variable's allocated space and the unlimited size of the actual string that is stored in the space. In the C programming language, it is the programmer's responsibility to make sure the actual string size does not exceed the size of the space allocated for it. However, programmers sometimes fail to put in the necessary checks for string size. It is possible, when programming in C, to write past the end of the current string and into the allocated space for an entirely different variable. The affected variable may or may not be another string. However, the integrity of both variables will be compromised. This paper will present the results of an experiment which shows exactly what happens when strings and other variables are compromised in this way. Writing beyond the end of a string allocation seems like a trivial problem. These faults should be easy to find and fix. However, in reality, they are nearly impossible to find in many situations. The experiment makes the problem very clear so that everyone will understand why these faults are not easy to find and fix before they cause serious problems. Since this is a C programming language problem, and both Windows and Unix operating systems are written mostly in C, many system errors may be a result of this problem. Understanding the problem can save countless hours in system debugging.
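The effect the abstract describes, an unchecked string copy spilling into the storage of an unrelated variable, can be reproduced deterministically. The following C program is an added illustration, not code from the paper or its experiment: it lays an 8-byte name slot and a 4-byte counter side by side in one byte array (a constructed stand-in for adjacent variables, so the behaviour stays well-defined rather than relying on compiler stack layout), then contrasts a copy that trusts the input length with one that checks it. The region layout, sizes and sample strings are assumptions chosen for the demonstration.

```c
#include <stdio.h>
#include <string.h>
#include <stdint.h>

/* Constructed memory region: NAME_SIZE bytes for a string, immediately
 * followed by a 4-byte counter. Both "variables" live in one byte array so
 * that reading the counter after an overrun is defined behaviour and the
 * corruption can be observed directly. */
#define NAME_SIZE 8
#define REGION_SIZE (NAME_SIZE + sizeof(int32_t))

typedef struct {
    unsigned char bytes[REGION_SIZE];
} region_t;

/* Zero the name slot and store the counter in the bytes right after it. */
static void region_init(region_t *r, int32_t counter) {
    memset(r->bytes, 0, sizeof r->bytes);
    memcpy(r->bytes + NAME_SIZE, &counter, sizeof counter);
}

/* Read the counter back from its slot. */
static int32_t region_counter(const region_t *r) {
    int32_t v;
    memcpy(&v, r->bytes + NAME_SIZE, sizeof v);
    return v;
}

/* Unchecked copy: the caller assumes the string fits in NAME_SIZE bytes.
 * The copy is clamped to the region only so the demo itself stays in
 * bounds; anything beyond NAME_SIZE lands on the counter.
 * Returns how many bytes were written past the end of the name slot. */
static size_t unchecked_copy(region_t *r, const char *src) {
    size_t n = strlen(src) + 1;            /* include the terminating NUL */
    if (n > sizeof r->bytes) n = sizeof r->bytes;
    memcpy(r->bytes, src, n);
    return n > NAME_SIZE ? n - NAME_SIZE : 0;
}

/* Checked copy: truncate to what fits and always NUL-terminate.
 * Returns 1 if the input had to be truncated, 0 otherwise. */
static int checked_copy(region_t *r, const char *src) {
    size_t len = strlen(src);
    int truncated = len >= NAME_SIZE;
    if (truncated) len = NAME_SIZE - 1;
    memcpy(r->bytes, src, len);
    r->bytes[len] = '\0';
    return truncated;
}

int main(void) {
    region_t r;

    region_init(&r, 1000);
    unchecked_copy(&r, "PermianBasin");      /* 13 bytes into an 8-byte slot */
    printf("after unchecked copy: name=\"%.*s\" counter=%d\n",
           NAME_SIZE, (const char *)r.bytes, region_counter(&r));

    region_init(&r, 1000);
    checked_copy(&r, "PermianBasin");
    printf("after checked copy:   name=\"%s\" counter=%d\n",
           (const char *)r.bytes, region_counter(&r));
    return 0;
}
```

The counter is never written by either copy routine, yet after the unchecked copy it no longer holds 1000: the tail of the string has replaced its bytes. Nothing in the program reports an error, which is exactly why such faults surface far from their cause. The checked version keeps the counter intact and signals the truncation to the caller instead.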