Buffer Overruns

A buffer overrun occurs when an attacker attempts to write more than n bytes into an n-byte buffer. Three things can happen to your site as a result:

  • You get an access violation (AV).
  • Your site becomes unstable.
  • The attacker injects code into your application, executes it, and makes everyone an administrator of your site.

The topics in this section discuss the different types of buffer overruns, array indexing errors, format string bugs, and Unicode and ANSI buffer size mismatches. Format string errors do not strictly depend on a buffer overrun being present, but this newly publicized issue allows an attacker to do many of the same things that can be done with a buffer overrun. After demonstrating how buffer overruns work, the section discusses techniques for avoiding these problems.
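As an added illustration (not code from the original page or from Microsoft), the C sketch below shows the defensive checks that correspond to three of the issues named above: a bounded copy that rejects oversized input, the same check counted in characters rather than bytes for wide strings, and an array index check. The names `ELEMS`, `copy_checked`, `wcopy_checked` and `index_ok` are hypothetical, and the sample buffers are constructed.

```c
#include <stdio.h>
#include <string.h>
#include <wchar.h>
/* Element count of a fixed array. sizeof alone yields bytes; passing bytes
   where a character count is expected is the Unicode/ANSI size mismatch. */
#define ELEMS(a) (sizeof(a) / sizeof((a)[0]))

/* Hypothetical helper: dst holds dst_elems chars including the terminator.
   Returns 0 on success, -1 if src does not fit (dst is then left empty). */
int copy_checked(char *dst, size_t dst_elems, const char *src)
{
    if (dst == NULL || dst_elems == 0) return -1;
    dst[0] = '\0';
    if (src == NULL) return -1;
    size_t need = strlen(src) + 1;          /* characters plus terminator */
    if (need > dst_elems) return -1;        /* would write past the buffer */
    memcpy(dst, src, need);
    return 0;
}

/* Wide-character variant: capacity is counted in wchar_t elements. */
int wcopy_checked(wchar_t *dst, size_t dst_elems, const wchar_t *src)
{
    if (dst == NULL || dst_elems == 0) return -1;
    dst[0] = L'\0';
    if (src == NULL) return -1;
    size_t need = wcslen(src) + 1;
    if (need > dst_elems) return -1;
    wmemcpy(dst, src, need);
    return 0;
}

/* Array indexing check: 1 only when idx addresses an existing element. */
int index_ok(long idx, size_t elems)
{
    return idx >= 0 && (size_t)idx < elems;
}

int main(void)
{
    char name[8];                            /* constructed sample buffers */
    wchar_t wname[8];
    printf("too long: %d\n", copy_checked(name, ELEMS(name), "12345678"));
    printf("bytes %zu vs elements %zu\n", sizeof(wname), ELEMS(wname));
    printf("wide too long: %d\n", wcopy_checked(wname, ELEMS(wname), L"12345678"));
    printf("index 8 of 8 ok: %d\n", index_ok(8, ELEMS(name)));
    return 0;
}
```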

Note

  • The version of Visual C++ included with Microsoft Visual Studio .NET includes support for preventing certain kinds of stack-based exploitable overruns. The technology in the compiler applies to all Windows C++ applications, not just to .NET managed code.

This section contains:

Copyright © 2005 Microsoft Corporation.
All rights reserved.