Stack Overflow
Stack Overflow

Questions tagged [buffer-overrun]

72 questions
105
votes
10 answers

Does Java have buffer overflows?

Does Java have buffer overflows? If yes can you give me scenarios?
ecleel
  • 11,748
  • 15
  • 48
  • 48
25
votes
14 answers

What C/C++ tools can check for buffer overflows?

I've been asked to maintain a large C++ codebase full of memory leaks. While poking around, I found out that we have a lot of buffer overflows that lead to the leaks (how it got this bad, I don't ever want to know). I've decided to removing the…
MrValdez
  • 8,515
  • 10
  • 56
  • 79
18
votes
11 answers

What C/C++ functions are most often used incorrectly and can lead to buffer overflows?

I've been asked to maintain a large C++ codebase full of memory leaks. While poking around, I found out that we have a lot of buffer overflows that lead to the leaks (how it got this bad, I don't ever want to know). I've decided to removing the…
MrValdez
  • 8,515
  • 10
  • 56
  • 79
12
votes
3 answers

Is buffer overflow/overrun possible in completely managed asp.net c# web application

Can there be buffer overflow/overrun vulnerabilities in completely managed asp.net web portal.If yes how can this be tested.
Pradeep Kumar Mishra
  • 10,839
  • 4
  • 25
  • 26
8
votes
9 answers

How do you program safely outside of a managed code environment?

If you are someone who programs in C or C++, without the managed-language benefits of memory management, type checking or buffer overrun protection, using pointer arithmetic, how do you make sure that your programs are safe? Do you use a lot of…
Robert Harvey
  • 178,213
  • 47
  • 333
  • 501
8
votes
1 answer

Buffer overflow protection for stackalloc in .Net

From C# reference for stackalloc: the use of stackalloc automatically enables buffer overrun detection features in the common language runtime (CLR). If a buffer overrun is detected, the process is terminated as quickly as possible to minimize the…
Roland Pihlakas
  • 4,246
  • 2
  • 43
  • 64
7
votes
2 answers

What is the difference between STATUS_STACK_BUFFER_OVERRUN and STATUS_STACK_OVERFLOW?

I just found out that there is a STATUS_STACK_BUFFER_OVERRUN and a STATUS_STACK_OVERFLOW. What's the difference between those 2? I just found Stack overflow (stack exhaustion) not the same as stack buffer overflow but either it doesn't explain it…
Tobias Langner
  • 10,634
  • 6
  • 46
  • 76
6
votes
5 answers

if one complains about gets(), why not do the same with scanf("%s",...)?

From man gets: Never use gets(). Because it is impossible to tell without knowing the data in advance how many characters gets() will read, and because gets() will continue to store characters past the end of the buffer, it is …
dbarbosa
  • 2,969
  • 5
  • 25
  • 29
5
votes
3 answers

Why am I getting a buffer overrun error with this line of code?

I only have 1 line of code, and this is: pcrecpp::RE re("abc"); inside a function OnBnClickedButtonGo(). And this function fails in Release mode, but it works OK in debug mode. (I am using Visual Studio 8 on Windows XP.) The error message is: A…
Wartin
  • 1,965
  • 5
  • 25
  • 40
5
votes
0 answers

Is there a way to catch a STATUS_STACK_BUFFER_OVERRUN error programmatically?

We have some C code that is throwing a STATUS_STACK_BUFFER_OVERRUN error (0xC0000409) once in a while. I can reproduce that error using the C code below. I'm using Visual Studio 2013 Update 4 on Windows 7, and I'm compiling with the /EHa and /GS…
Whitney Kew
  • 215
  • 3
  • 13
4
votes
2 answers

Buffer overrun during Garbage Collection: psychic debugging request

Currently testing a C# (.Net 4.5) WPF application built on top of a C++ library (managed, I believe, I didn't write it). For various (practical) reasons, it's running on a server (with VS2012 installed, yes, yuck). The program hooks up to a camera…
Benjol
  • 63,995
  • 54
  • 186
  • 268
4
votes
0 answers

Stack cookie instrumentation code detected a stack-based buffer overrun - Fixed

so I am having a few issues with this program used to pixelate an image. One issue is that I get a "Stack around the variable 'pixArray' was corrupted" and then, when I click continue after breaking it gives the error in the title. I'm not sure if…
Alex Braniff
  • 41
  • 1
  • 1
  • 3
3
votes
2 answers

Visual studio gives a Buffer overrun warning when overrun can't actually ever happen

this is my code: void foo(int num) { int *pArr = (int *)malloc(num * sizeof(int)); // allocate array of 'sale' structs for each region for (int i = 0; pArr != NULL && i < num; i++) { pArr[i] = 1; } } int main() { int num…
forstack overflowizi
  • 324
  • 1
  • 3
  • 15
3
votes
1 answer

Experimenting with buffer overflow

I recently took a security class in which we briefly touched on buffer overflow. I wasn't satisfied with what we covered, so I looked for a few examples to follow along with and try myself and found Buffer Overflow Attack I like this example as it…
Greesy
  • 71
  • 7
3
votes
1 answer

Does reading from outside the buffer also count as buffer overrun?

My concern is the definition of buffer overrun. Looks like it only applies to writing outside the buffer. But recently we found a spectacular bug when the program attempted to read from outside the legally allocated block of memory and ran into…
sharptooth
  • 167,383
  • 100
  • 513
  • 979
1
2 3 4 5