1. Software Standards Specification
  2. Software Requirements Definition
  3. Software Best Practices
  4. Input Validation
  5. Output Validation
  6. Cookie Requirements
  7. Access Failure Error Checking
  8. Buffer Overflow
  9. Code Structure
  10. Software Functions
  11. Software Modules
  12. Requirements for Variables
  13. Software Code Comment Requirements
  14. Quality Code Requirements
  15. Software Code Review
  16. Software Code Testing Requirements
  17. Software Change Control

    Security Best Practices

  18. Secure Functional Requirements
  19. Account Creation
  20. Change Password
  21. Forgot Password
  22. Personal Question
  23. Contact Webmaster
  24. CAPTCHA Tests
  25. Answer Verification

Buffer Overflow Errors

A buffer overflow error occurs when a program attempts to store data into an area of memory that is not large enough to contain the data being stored there. When this happens, other data in memory is erroneously changed. Software buffer errors are a major vulnerability in application programs. A buffer error will normally allow an error in memory to be changed and ultimately may cause a program to jump to an incorrect location. This error may allow an attacker to take over the program or the machine it is operating on. Buffer errors include:

  • Stack overruns - The stack is used to store addresses where code should return to when a call to a program is made. A buffer in the stack is overwritten by copying data to another buffer near it so that the data being copied is longer than the buffer it is being written to. This overwrites a return address for a function which can cause the returning function to return to the wrong place.
  • Heap overruns - Uses allocated buffers which reside in memory used by the program rather than the stack.
  • Format string bugs - When printing (displaying) strings, the programmer may not specify the format of the data (or string) being printed. if the string being printed contains format characters such as %d or %s, an attacker can send a string which may display the contents of the stack. They can also modify the stack to get the program to jump to an address which they can specify which could allow attacker control of your program and possibly the server. Programmers should use library functions in the most secure way possible and in this case, specify the intended format string in their statements so attackers cannot.
  • Array indexing errors - Arrays are lists of items such as integers, strings, or sobjects. Arrays may be single dimensional, a[x], or multidimensional a[x,y], a[x,x,z], etc. If an array of a set size is created and bounds checking is not used when writing to the array, a memory area outside the array could be written to. Programmers need to enforce bounds checking on the array when it is both read from or written to.
  • Unicode and ANSI buffer size mismatch - This error is due to the fact the size of a unicode character is larger (2 bytes) than an ANSI character (1 byte). When calculating the size of the unicode string the programmer must be sure they have correctly calculated based on the number of characters combined with the correct character size.
  • Integer handling errors - Much like a buffer overflow error, integers have different lengths. If an integer did not have its type checked and is placed in another integer storage space that is not large enough, it can overwrite an incorrect location in memory which could allow an attacker to gain control.

Buffer overflow errors have serious consequences and are either exploitable or may be exploitable. Buffer overflow errors cannot be proven to be secure. Buffer overflow errors are normally an easy and low risk software fix and should be corrected as early as possible.