Topic 3: C/C++ vulnerabilities

Question 1

what is buffer overflow?

Answer 1

data is written outside a buffer’s boundary (after the buffer)

Question 2

when do buffer overflows happen?

Answer 2

from insufficient input checks, unchecked buffer size, and integer overflows

Question 3

what functions can cause buffer overflow? (many list at least 4/5)

Answer 3

strcpy(), strcat(), memcpy(), memset(), memmove(), read(), fread(), gets(), fgets()

Question 4

what are some effects of buffer overflow?

Answer 4

• crash the app (DoS), take over the app, corrupt app state, leak sensitive data

Question 5

what is uninitialized memory?

Answer 5

Using a variable before initializing it with a value

Question 6

vulnerabilities of uninitialized memory?

Answer 6

can contain stale program values controlled by the attacker, larger issue if what is controlled is a pointer, function pointers especially are critical

Question 7

what causes null pointers?

Answer 7

when a variable is uninitialized or when a previously cleared variable is used

Question 8

what is use-after-free (UAF)?

Answer 8

Temporal violation that occurs when writing using a pointer that no longer points to a valid buffer

Question 9

problems caused by UAF?

Answer 9

serious and hard to discover and defend against, become more complex due to threading and concurrency, as severe as other memory corruption errors

Question 10

what is a segmentation fault?

Answer 10

when an attempt is made to access memory that either doesn’t exist or that requires a higher tier of permissions than what is accessible

Question 11

what is type confusion?

Answer 11

An object is accessed using a pointer of the wrong type