A Study of Buffer Overflow Attacks
A computer buffer is an area of memory used for temporary storage of data when a program or hardware device needs an uninterrupted flow of information. A buffer overflow occurs when a program or process tries to store more data in a buffer than it was intended to hold. Since buffers are created to contain a finite amount of data, the extra information - which has to go somewhere-can overflow into adjacent buffers, corrupting or overwriting the valid data held in them. In buffer overflow attacks, the extra data may contain codes designed to trigger specific actions, in effect sending new instructions to the attacked computer that could, for example, damage the user's files, change data, or disclose confidential information.