How to explain buffer overflow to a layman

77 points by egsec, about 11 years ago

14 comments

archon, about 11 years ago
The analogies in the post seem a bit overly complicated to me. Keep it simple.

Let's say I have an empty glass (memory allocation). I know ahead of time that the maximum capacity of that glass is 8 ounces. A buffer overflow is what happens when I overfill that glass. If the amount of water in the glass stays less than 8 ounces, no problem. If it overfills, I don't quite know where it'll go. It might get into something it shouldn't be in (security, program instability, etc).

spingsprong, about 11 years ago
You don't need analogies.

A buffer is a place in a computer's memory for storing things, text, numbers, data, whatever.

A buffer overflow is when you try to put more into a buffer than there is room for.

When this happens, some of what you tried to put into the buffer spills over into memory outside the buffer.

This other memory could have important things in it which can get destroyed or changed when a buffer overflow spills into it, causing programmes to behave in strange ways.

summerdown2, about 11 years ago
How about:

The sun's burning down. You sit behind a table in the market, your guide dog at your feet, lapping up water from its bowl.

You're selling cool drinks of lemonade to passers-by. You have a glass on the edge of the table, above your dog. For £1, you let customers pour lemonade into the glass and take a drink.

Then along comes Mrs Peabody, who hates your dog. She pays you £1 and pours lemonade into your cup. But she keeps on pouring. Because you're blind, you don't see the cup overflowing and the lemonade pouring into your dog's bowl.

After Mrs Peabody goes away, the dog laps up the lemonade and feels sick. You don't know why.

If only you could see enough to make people put the right amount of lemonade in the glass, you'd have been fine.

shrughes, about 11 years ago
If you want to defend against hijackings, the problem you're trying to solve is one that programmers know well: the buffer overflow attack.

In a buffer overflow attack, someone gives a program much more data than it was expecting. The data is too long for the memory allocated for it and overflows into the memory occupied by the program itself. Suddenly the computer is running the attacker's code.

In a hijacking, the same thing happens to a plane. A plane has two separate spaces, one for the people carried on it, and one for the people who control it. A hijacking happens when passengers overflow into the cockpit from the cabin. What was cargo is now in control. By promoting themselves from data to code, hijackers on September 11th promoted box-cutters into 400,000 lb. incendiary bombs.

viralpoetry, about 11 years ago
I made a simple html based visualisation of buffer overflow vulnerabilities. Check at http://viralpoetry.org/en/gets.html or http://viralpoetry.org/en/strcpy.html

VLM, about 11 years ago
It is interesting to both read the original request and then see how many replies insist on only explaining a buffer overflow and not answer the complete question about buffer overflow exploits. Many of the example overflows such as the waffle cook make no sense in a discussion of exploits.

"I need to explain A, in order to explain B, but I'm not good at explaining A". "Here's a truly excellent example of explaining A ... which also unfortunately makes it completely impossible to explain B, uh, my bad".

Also, there's a meta exploit to the whole thing where a good question on a SE site didn't get closed or deleted as off topic or inappropriate for the site. That's the most amazing thing about the whole discussion.

Double_Cast, about 11 years ago
Back to the old punch tape:

A computer is like a robot, controlled by a roll of toilet-paper covered in stickers. The pattern of stickers controls the robot. You can't put more than one sticker in a single square.

Let's say I buy a house-keeping robot. The manufacturers left 64 consecutive squares of toilet-paper blank. The manual says I can specify which parts of the house I want cleaned by filling in the blanks with stickers.

If I add more than 64 stickers, this means I covered-up some of the stickers the manufacturers put on. This causes the robot to malfunction. This is called an overflow. If I know the language the stickers are written in, I can intentionally overflow the robot to act in (potentially evil) ways that have nothing to do with cleaning.

api_or_ipa, about 11 years ago
The top rated answer is extremely complicated.

Real life examples that are considerably easier to understand exist.

However, the easiest way to show a user the problem is to demonstrate the use of the "insert" key on any keyboard. Instead of adding characters, it'll write over existing characters.

I think most users should know about the dreaded insert key from accidentally pressing it. If not, you might need to sit them in front of a computer.

maxerickson, about 11 years ago
I would try a scrabble tile holder as the base analogy. Then say in the computer it is a little different, it has spaces for words. If the program expects a 3 letter word (emphasize that the length is an example) and does not check how long the input is, a longer word can fill some of the space for the next word.

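The tile-holder picture above, as an added C example that is not part of the original comment: two 4-byte word slots share one array, and an unchecked copy of a longer word changes the neighbouring word while a length check leaves it alone. The names `rack_t`, `put_unchecked`, `put_checked` and `neighbour_intact` are made up for this illustration.

```c
#include <stdio.h>
#include <string.h>

#define SLOT  4   /* room for a 3-letter word plus the terminating NUL */
#define SLOTS 2
/* One contiguous "tile holder": slot 0 is bytes 0..3, slot 1 is bytes 4..7.
   Keeping both slots in a single array means every write below stays inside
   one object, so the spill is observable without undefined behaviour. */
typedef struct { char tiles[SLOT * SLOTS]; } rack_t;

static void rack_init(rack_t *r) {
    memset(r->tiles, 0, sizeof r->tiles);
    memcpy(r->tiles + SLOT, "DOG", 4);      /* the "next word" on the rack */
}

/* Unchecked: never asks whether the word fits slot 0. It is clamped only to
   the rack itself, so that this demonstration remains well-defined. */
static void put_unchecked(rack_t *r, const char *word) {
    size_t n = strlen(word) + 1;
    if (n > sizeof r->tiles) n = sizeof r->tiles;
    memcpy(r->tiles, word, n);
    r->tiles[sizeof r->tiles - 1] = '\0';
}

/* Checked: refuses any word that does not fit slot 0. Returns 0 on success. */
static int put_checked(rack_t *r, const char *word) {
    size_t n = strlen(word) + 1;
    if (n > SLOT) return -1;
    memcpy(r->tiles, word, n);
    return 0;
}

/* Returns 1 if the neighbouring word is still "DOG" after storing `word`. */
static int neighbour_intact(const char *word, int checked) {
    rack_t r;
    rack_init(&r);
    if (checked) put_checked(&r, word);     /* a rejection leaves the rack as is */
    else put_unchecked(&r, word);
    return strcmp(r.tiles + SLOT, "DOG") == 0;
}

int main(void) {
    const char *words[] = { "CAT", "CATS", "CATNIP" };   /* constructed inputs */
    for (int i = 0; i < 3; i++)
        printf("%-6s unchecked=%d checked=%d (1 = neighbour intact)\n", words[i],
               neighbour_intact(words[i], 0), neighbour_intact(words[i], 1));
    return 0;
}
```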
JonnieCache, about 11 years ago
http://www.theregister.co.uk/2001/10/21/i_spy_with_my_bastard

Looking back at the BOFH it was actually surprisingly educational.

ArkyBeagle, about 11 years ago
With banjo music playing, the chicken truck has gone off the road, through the fence and is now tearing up a cornfield.

Now, here's Conway Twitty...

darksim905, about 11 years ago
I enjoyed this, thanks! Concise & to the point

coldcode, about 11 years ago
Be nice to have a site one could go to for layman explanations for common situations.

Nilzor, about 11 years ago
Not enough whitespace in that answer