O'Reilly logo

The Art of Software Security Assessment: Identifying and Preventing Software Vulnerabilities by Justin Schuh, John McDonald, Mark Dowd

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 5. Memory Corruption

“Nearly all men can stand adversity, but if you want to test a man’s character, give him power.”

Abraham Lincoln

Introduction

In this book, you’re asked to accept one basic assumption—that all memory corruption vulnerabilities should be treated as exploitable until you can prove otherwise. This assumption might seem a bit extreme, but it’s a useful perspective for a code auditor. Attackers can often leverage an out-of-bounds memory write to modify a program’s runtime state in an arbitrary manner, thus violating any security policy an application should be enforcing. However, it’s hard to accept the severity of memory corruption vulnerabilities or even understand them until you have some knowledge of how memory corruption ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required