Buffer Overflow Causes. ©2002, Jedidiah R. Crandall, Susan L. Gerhart, Jan G. Hogle.
http://sfsecurity.pr.erau.edu
Old code used for new purposes - Recommendations.
• Enumerate and challenge all assumptions you’ve made about the interaction between old code and new.
• Test thoroughly.
• Test old code when you’re using it for new purposes, even if you tested it before. If your software allows the user to use UNICODE, then do all of the testing you did for ASCII with UNICODE as well.
• Include the old code in code inspection, even if you inspected it before.
• Test code on every type of platform it will likely be used on. Depending on how the processor arranges memory, you might have an off-by-one error of a single byte that has no effect on program execution for a Sun processor but would have a noticeable effect on program execution for an Intel processor.
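
The last recommendation, shown as an added example (not part of the original slides): the same one-byte off-by-one write leaves an adjacent counter intact in one byte order and zeroes it in the other. It assumes the platform difference meant is byte order (big-endian as on SPARC, little-endian as on x86); `legacy_copy`, `fixed_copy`, the memory layout and the value 5 are hypothetical and constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BUF_SIZE 8

/* Store/load a 32-bit value in an explicit byte order (works on any host). */
static void store32(unsigned char *p, uint32_t v, int big_endian) {
    for (int i = 0; i < 4; i++)
        p[i] = (unsigned char)(v >> (big_endian ? 24 - 8 * i : 8 * i));
}
static uint32_t load32(const unsigned char *p, int big_endian) {
    uint32_t v = 0;
    for (int i = 0; i < 4; i++)
        v |= (uint32_t)p[i] << (big_endian ? 24 - 8 * i : 8 * i);
    return v;
}

/* Hypothetical "old code": copies up to size characters, then writes the
   terminator at dst[size], one byte past the end of the buffer. */
static void legacy_copy(unsigned char *dst, const char *src, size_t size) {
    size_t n = strlen(src);
    if (n > size) n = size;              /* off-by-one: should be size - 1 */
    memcpy(dst, src, n);
    dst[n] = '\0';
}

/* Corrected copy: leaves room for the terminator (size must be >= 1). */
static void fixed_copy(unsigned char *dst, const char *src, size_t size) {
    size_t n = strlen(src);
    if (n > size - 1) n = size - 1;
    memcpy(dst, src, n);
    dst[n] = '\0';
}

/* Modelled memory: 8-byte buffer followed by a counter holding 5. */
uint32_t counter_after_copy(int big_endian, int use_fixed) {
    unsigned char mem[BUF_SIZE + 4];
    store32(mem + BUF_SIZE, 5, big_endian);
    if (use_fixed) fixed_copy(mem, "ABCDEFGH", BUF_SIZE);
    else legacy_copy(mem, "ABCDEFGH", BUF_SIZE);
    return load32(mem + BUF_SIZE, big_endian);
}

int main(void) {
    printf("legacy BE=%u LE=%u, fixed LE=%u\n", (unsigned)counter_after_copy(1, 0),
           (unsigned)counter_after_copy(0, 0), (unsigned)counter_after_copy(0, 1));
    return 0;
}
```

A test suite run only on the big-endian layout passes with the bug still present, which is why the slide asks for testing on every platform the code will run on.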