SystemsSec 2016W Lecture 13: Difference between revisions
Hassansaid (talk | contribs) Created page with "Class Notes Unsafe Language Defined as languages, such as C, that are susceptible to buffer overflow attacks. Safe languages are not susceptible because they have really stron..." |
Hassansaid (talk | contribs) No edit summary |
||
Line 6: | Line 6: | ||
Memory Corruption Attack | Memory Corruption Attack | ||
Figure 1: System structure with certain portions of memory re severed for those types | |||
In a buffer overflow attack you can essentially over write some other portion of memory. For example an attacker may put to much information into the memory portion reserved for string such that it overflows into the memory space reserved for array. Safe languages such as Java are not susceptible to memory corruption attacks unless there is some bug in the compiler. | |||
A common way to know that your code is vulnerable to a buffer overflow/memory corruption attack is if you get a segmentation fault. | |||
Classic Buffer Overflow Attack |
Revision as of 23:48, 2 March 2016
Class Notes Unsafe Language Defined as languages, such as C, that are susceptible to buffer overflow attacks. Safe languages are not susceptible because they have really strong compilers.
Secure systems are not susceptible to overflow attacks because the reference monitor is small enough to verify and remove any bugs. The reference monitor is also resilient due to the fact that it is outside the domain of process execution.
Memory Corruption Attack Figure 1: System structure with certain portions of memory re severed for those types
In a buffer overflow attack you can essentially over write some other portion of memory. For example an attacker may put to much information into the memory portion reserved for string such that it overflows into the memory space reserved for array. Safe languages such as Java are not susceptible to memory corruption attacks unless there is some bug in the compiler.
A common way to know that your code is vulnerable to a buffer overflow/memory corruption attack is if you get a segmentation fault.
Classic Buffer Overflow Attack