Buffer overflow and format string overflow vulnerabilities

  • Kyung-suk Lhee, Steve J. Chapin
  • Published 25 April 2003
  • Computer Science
  • Software: Practice and Experience
Buffer overflow vulnerabilities are among the most widespread of security problems. Numerous incidents of buffer overflow attacks have been reported and many solutions have been proposed, but a solution that is both complete and highly practical is yet to be found. Another kind of vulnerability called format string overflow has recently been found and although not as widespread as buffer overflow, format string overflow attacks are no less dangerous. 
On the Evolution of Buffer Overflows
This paper gives an overview of the existing buffer overflow techniques, emphasizing the attacker’s perspective and a discussion of the most well-known mitigation techniques.
Survey of Protections from Buffer-Overflow Attacks
A survey of approaches to provide protection from buffer-overflow attacks has grouped approaches into three broad categories to provide a basis for understanding buffer-overflow protection schemes.
RICB: Integer Overflow Vulnerability Dynamic Analysis via Buffer Overflow
A dynamic analysis method, RICB (Run-time Integer Checking via Buffer overflow), is proposed that includes decompiling the executable file to assembly language; debugging the executable file by stepping into and stepping out; locating the overflow points; and checking for buffer overflow caused by integer overflow.
Realization of Buffer Overflow
  • An Zhiyuan, Liu Haiyan
  • Computer Science
    2010 International Forum on Information Technology and Applications
  • 2010
This paper first explains the concept of buffer overflow and the buffer overflow principle; the jump instruction is then given using examples of the realization of buffer overflow attacks; and finally, in combination with the types of buffer overflow attacks, preventive strategies are raised that should be beneficial to improving programmers' security code consciousness.
Automatic Removal of Buffer Overflow Vulnerabilities in C/C++ Programs
ABOR is a framework that integrates, extends and generalizes existing techniques to remove buffer overflow vulnerability more effectively and accurately and is an optimized solution that can eliminate buffer overflows while keeping a minimum runtime overhead.
ABOR: An Automatic Framework for Buffer Overflow Removal in C/C++Programs
ABOR, a framework to remove buffer overflow vulnerabilities from source code automatically, only patches identified code segments, which means it is an optimized solution that eliminates buffer overflows at the maximum while adding runtime overhead at the minimum.
A Taxonomy of Buffer Overflow Preconditions
This work develops a taxonomy of buffer overflow vulnerabilities based upon preconditions, or conditions that must hold for an exploitable buffer overflow to exist, and discusses alternate approaches to ameliorating this vulnerability.
A New Detection Method for Stack Overflow Vulnerability Based on Component Binary Code for Third-Party Component
  • Wanggen Xie, Jinchang Hu, P. Kudjo, Lei Yu, Zhifeng Zeng
  • Computer Science
    2018 IEEE SmartWorld, Ubiquitous Intelligence & Computing, Advanced & Trusted Computing, Scalable Computing & Communications, Cloud & Big Data Computing, Internet of People and Smart City Innovation (SmartWorld/SCALCOM/UIC/ATC/CBDCom/IOP/SCI)
  • 2018
The introduced SBOD (stack buffer overflow detection) algorithm is a promising direction to assist software engineers who seek to detect stack overflow vulnerability in order to improve software quality.
Detection of Buffer Overflow Vulnerabilities in C/C++ with Pattern Based Limited Symbolic Evaluation
This work proposes a novel method to efficiently detect vulnerable buffer overflows in any given control flow graph through recognizing two patterns and significantly improves the scalability while not sacrificing the detection precision.
A Taxonomy of Buffer Overflow Characteristics
This work develops a taxonomy of buffer overflow vulnerabilities based upon characteristics, or preconditions that must hold for an exploitable buffer overflow to exist, and discusses alternate approaches to ameliorating this vulnerability.


Buffer overflows: attacks and defenses for the vulnerability of the decade
This paper surveys the various types of buffer overflows and surveys the various defensive measures that mitigate buffer overflow vulnerabilities, including the authors' own StackGuard method, to consider which combinations of techniques can eliminate the problem of buffer overflow deficiencies while preserving the functionality and performance of existing systems.
StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks
  • C. Cowan
  • Computer Science
    USENIX Security Symposium
  • 1998
StackGuard is described: a simple compiler technique that virtually eliminates buffer overflow vulnerabilities with only modest performance penalties, and a set of variations on the technique that trade-off between penetration resistance and performance.
Statically Detecting Likely Buffer Overflow Vulnerabilities
An implementation of a new approach to mitigating buffer overflow vulnerabilities by detecting likely vulnerabilities through an analysis of the program source code is described that extends the LCLint annotation-assisted static checking tool.
FormatGuard: Automatic Protection From printf Format String Vulnerabilities
This paper describes the format bug problem, and FormatGuard is a small patch to glibc that provides general protection against format bugs that is effective in protecting several real programs with format vulnerabilities against live exploits.
Type-Assisted Dynamic Buffer Overflow Detection
This paper presents a buffer overflow detection technique that range-checks the referenced buffers at run time and augments executable files with type information of automatic buffers and static buffers in order to detect the actual occurrence of buffer overflow.
Transparent Run-Time Defense Against Stack-Smashing Attacks
Two new methods to detect and handle buffer overflow vulnerabilities in process stacks are presented that work with any existing pre-compiled executable and can be used transparently per-process as well as on a system-wide basis.
A First Step Towards Automated Detection of Buffer Overrun Vulnerabilities
The design and prototype of a new technique for finding potential buffer overrun vulnerabilities in security-critical C code are implemented and used to find new remotely-exploitable vulnerabilities in a large, widely deployed software package.
Detecting Format String Vulnerabilities with Type Qualifiers
We present a new system for automatically detecting format string security vulnerabilities in C programs using a constraint-based type-inference engine. We describe new techniques for presenting the
RaceGuard: Kernel Protection From Temporary File Race Vulnerabilities
RaceGuard is presented: a kernel enhancement that detects attempts to exploit temporary file race vulnerabilities, and does so with sufficient speed and precision that the attack can be halted before it takes effect.
Intrusion detection via static analysis
  • D. Wagner, Drew Dean
  • Computer Science
    Proceedings 2001 IEEE Symposium on Security and Privacy. S&P 2001
  • 2001
It is shown how static analysis may be used to automatically derive a model of application behavior and the result is a host-based intrusion detection system with three advantages: a high degree of automation, protection against a broad class of attacks based on corrupted code, and the elimination of false alarms.