Secure Programming with Static Analysis by Jacob West, Brian Chess

7. Bride of Buffer Overflow

Strategy without tactics is the slowest route to victory. Tactics without strategy is the noise before defeat.

–SUN TZU

Not every buffer overflow is caused by errors in string manipulation, nor can every buffer overflow be prevented through judicious use of safer string-manipulation functions. An integer overflow occurs when an integral value is increased or decreased beyond its capacity. Integer overflow errors are frequently an attacker’s springboard to a buffer overflow. In many ways, buffer overflows are all about numbers. Numbers determine how much memory to allocate, control the bounds for string operations, and are used to calculate offsets for indexing memory. Likewise, not every countermeasure against buffer ...
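The size arithmetic described above, as an added example in C that is not taken from the book: an unchecked element-count multiplication wraps to a small value, while a checked version rejects the request before any memory is allocated. The function names and the sample record count are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Unchecked size arithmetic: the product silently wraps modulo SIZE_MAX + 1. */
size_t unchecked_bytes(size_t count, size_t elem_size) {
    return count * elem_size;
}

/* Checked size arithmetic: returns 0 and stores the product in *out,
 * or returns -1 if count * elem_size cannot be represented in a size_t. */
int checked_bytes(size_t count, size_t elem_size, size_t *out) {
    if (elem_size != 0 && count > SIZE_MAX / elem_size)
        return -1;
    *out = count * elem_size;
    return 0;
}

/* Hypothetical helper: duplicate `count` fixed-size records from src.
 * Refuses the request instead of allocating a wrapped (too small) buffer. */
void *copy_records(const void *src, size_t count, size_t elem_size) {
    size_t bytes;
    if (src == NULL || checked_bytes(count, elem_size, &bytes) != 0 || bytes == 0)
        return NULL;
    void *dst = malloc(bytes);
    if (dst != NULL)
        memcpy(dst, src, bytes);
    return dst;
}

int main(void) {
    /* Constructed input: a record count chosen so that count * 16 wraps. */
    size_t count = SIZE_MAX / 16 + 2;
    size_t bytes = 0;
    printf("unchecked: %zu records -> %zu bytes\n", count, unchecked_bytes(count, 16));
    printf("checked:   %s\n", checked_bytes(count, 16, &bytes) == 0 ? "accepted" : "rejected");

    uint32_t recs[3] = {1, 2, 3};  /* constructed sample records */
    void *copy = copy_records(recs, 3, sizeof recs[0]);
    printf("copy of 3 records: %s\n", copy != NULL ? "ok" : "failed");
    free(copy);
    return 0;
}
```

With the unchecked calculation the allocation would be 16 bytes for a count far larger than one record, which is the mismatch between a number and the memory it governs that the paragraph describes.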
