Secure Software Design - Buffer Overflow Flashcards
What is a buffer overflow?
A vulnerability where excess data overwrites adjacent memory, potentially leading to unauthorized control of a program.
Fill in the blank: Buffer overflow exploits often occur due to insufficient ______ for user input.
Memory allocation
List the four primary memory segments in a program.
Text segment, Data segment, Heap, and Stack.
Where are local variables typically stored in memory?
On the stack.
What is the primary purpose of the text segment in memory?
To store executable instructions.
Why is the stack segment vulnerable to buffer overflow attacks?
It holds function call data, including return addresses, which can be overwritten to hijack program control.
Fill in the blank: In a function call, the ______ holds the previous function’s address to return to after execution.
Return address
Explain how the function call stack can be exploited in a buffer overflow.
By overwriting the return address with a new one pointing to malicious code.
What does a NOP sled accomplish in a buffer overflow attack?
It creates a buffer zone of no-operation instructions to ensure the shellcode is reached.
Define ‘shellcode’ in the context of buffer overflow attacks.
Malicious code designed to execute a specific command or task when the program is hijacked.
What is Return-Oriented Programming (ROP)?
An attack that uses existing code snippets (gadgets) in memory to perform malicious actions without injecting new code.
Fill in the blank: Safer functions like ______ help mitigate buffer overflow risks by limiting the length of copied data.
strncpy, snprintf, strncat
Why is Address Space Layout Randomization (ASLR) effective against buffer overflow attacks?
It randomizes memory addresses, making it harder for attackers to predict critical locations.
What is the role of non-executable stack (NX) protection?
To mark stack memory as non-executable, preventing the execution of injected code.
Explain the purpose of a ‘stack canary.’
A small value placed between buffers and return addresses to detect memory corruption before a function returns.