Chapter 5. Memory Corruption
“Nearly all men can stand adversity, but if you want to test a man’s character, give him power.”
Abraham Lincoln
Introduction
In this book, you’re asked to accept one basic assumption—that all memory corruption vulnerabilities should be treated as exploitable until you can prove otherwise. This assumption might seem a bit extreme, but it’s a useful perspective for a code auditor. Attackers can often leverage an out-of-bounds memory write to modify a program’s runtime state in an arbitrary manner, thus violating any security policy an application should be enforcing. However, it’s hard to accept the severity of memory corruption vulnerabilities or even understand them until you have some knowledge of how memory corruption ...
Get The Art of Software Security Assessment: Identifying and Preventing Software Vulnerabilities now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
