What is Buffer overflow attack?

Buffer overflow attack is a computer security problem which occurs when a program is unable to handle large string provided by the user which finally leads to the overflow of the buffer. The attacker uses the storage area of the large string input by the user to find the return address. After the return address has been found, the attacker can then manipulate the program as per his choice. Buffer overflow attack happens when there is a fixed size buffer involved. It can be avoided by placing a limit on the strings which can be entered by the user which later has to be fed to a fixed length buffer.

Below given is a simple flow chart to understand Buffer overflow attack:

1) User starts running a program: User starts running a regular program which could be for any purpose.

2) Return address is pushed to stack:

3) Control is transfered to the program

4) Stack pointer is decremented for allocating space for local variables

5) Program is using fixed size buffer for handling the user inputs: Here, the program is using a fixed size buffer.

6) Long String is entered by the user: User typically enters a long string which cannot be handled by the fixed size buffer.

7) Buffer overflow. Memory overwritten: This results in buffer overflow and the memory is overwritten.

8) Attacker acquires return address and acquires access for program: Attacker looks for the storage area for the return address in the memory and acquires it. Eventually acquiring the access for the program.

What is Buffer overflow attack


Leave a Reply