From the course: Developing Secure Software

Buffer overflow attacks

- [Instructor] Software applications vulnerable to buffer overflow attacks are classic examples of the results of programming decisions adverse to security. Buffer overflow attacks exploit the lack of user input validation. The question here is, how much freedom can you give in terms of what users can provide to the software? The answer should be as little as possible to get the work done. You should be using the least privilege principle here. There are different containers in your main memory, one of which includes an area storing user inputs called buffer. Stack and heap are examples of other containers in the main memory. When an attacker puts too much information into the buffer, it can overflow into other adjacent containers in the primary memory of your computer. This can contaminate the information already stored in these other containers, therefore making the software misbehave. Buffer overflow attacks can crash your program or entire operating system. More sophisticated…
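
The overflow described in the transcript, as an added example that is not part of the course material: an unchecked copy next to a length-validated one. The `region` struct, the function names and the sample input are constructed for illustration, and the adjacent "container" is simulated inside a single array so the spill stays within defined behaviour.

```c
#include <stdio.h>
#include <string.h>

#define BUF_SIZE 8      /* bytes reserved for user input */
#define REGION_SIZE 16  /* input buffer plus the data stored right after it */

/* Constructed model of adjacent memory: bytes 0..7 are the input buffer,
 * bytes 8..15 hold unrelated program state that input must never touch. */
struct region { unsigned char mem[REGION_SIZE]; };

static void region_init(struct region *r) {
    memset(r->mem, 0, REGION_SIZE);
    memcpy(r->mem + BUF_SIZE, "ROLE=usr", 8);
}

/* Returns 1 while the neighbouring state is unmodified. */
static int neighbour_intact(const struct region *r) {
    return memcmp(r->mem + BUF_SIZE, "ROLE=usr", 8) == 0;
}

/* Unchecked copy: trusts the caller's length and never compares it with
 * BUF_SIZE. The clamp to REGION_SIZE exists only to keep this demo defined.
 * Returns how many bytes spilled past the buffer into the neighbour. */
static size_t copy_unchecked(struct region *r, const char *in, size_t len) {
    size_t n = len < REGION_SIZE ? len : REGION_SIZE;
    memcpy(r->mem, in, n);
    return n > BUF_SIZE ? n - BUF_SIZE : 0;
}

/* Validated copy: input that does not fit is rejected before any write. */
static int copy_checked(struct region *r, const char *in, size_t len) {
    if (len > BUF_SIZE) return -1;
    memcpy(r->mem, in, len);
    return 0;
}

int main(void) {
    const char input[] = "AAAAAAAAAAAA";  /* constructed 12-byte input */
    struct region r;

    region_init(&r);
    size_t spilled = copy_unchecked(&r, input, strlen(input));
    printf("unchecked: spilled=%zu intact=%d\n", spilled, neighbour_intact(&r));

    region_init(&r);
    int rc = copy_checked(&r, input, strlen(input));
    printf("checked:   rc=%d intact=%d\n", rc, neighbour_intact(&r));
    return 0;
}
```

In real code the unchecked path has no clamp at all, which is why compiler warnings, bounded APIs and an explicit length check at the input boundary matter.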
