Buffer Overflow Causes. ©2002, Jedidiah R. Crandall, Susan L. Gerhart, Jan G. Hogle.
http://sfsecurity.pr.erau.edu
Careless use of buffers without bounds checking - Problem.

This is the classic case and the easiest to prevent. Remember that C/C++ doesn’t do automatic bounds checking for you. If you declare an array as int A[100], there is nothing in the C language to stop you from executing a statement like A[555] = 1234;

You don’t need to access an array with an invalid index to have a buffer overflow. Pointer arithmetic is an equally likely culprit.
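
An added example, not part of the original page: the two unchecked writes described above shown as comments, next to bounds-checked versions of an indexed store and a pointer-arithmetic fill. The names store_checked, fill_checked, demo and A_LEN are assumptions made for this illustration, and the values passed in demo are constructed.

```c
#include <stddef.h>
#include <stdio.h>

#define A_LEN 100   /* matches the page's int A[100] */

/* Unchecked forms the page warns about; both compile without complaint:
 *     A[555] = 1234;          index past the end
 *     *(A + 555) = 1234;      same write via pointer arithmetic
 */

/* Indexed store that refuses any index outside [0, len). */
int store_checked(int *a, size_t len, size_t idx, int value)
{
    if (a == NULL || idx >= len)
        return -1;
    a[idx] = value;
    return 0;
}

/* Pointer-walking fill: 'count' is compared against the space left
 * between 'start' and the end of the array before any write happens. */
int fill_checked(int *a, size_t len, size_t start, size_t count, int value)
{
    if (a == NULL || start > len || count > len - start)
        return -1;
    int *p = a + start;
    int *end = p + count;       /* at most one past the last element */
    while (p < end)
        *p++ = value;
    return 0;
}

/* Constructed demonstration: returns the number of rejected requests. */
int demo(void)
{
    int A[A_LEN] = {0};
    int rejected = 0;
    rejected += store_checked(A, A_LEN, 555, 1234) != 0;  /* page's index */
    rejected += store_checked(A, A_LEN, 99, 1234) != 0;   /* last valid slot */
    rejected += fill_checked(A, A_LEN, 90, 20, 7) != 0;   /* runs past end */
    rejected += fill_checked(A, A_LEN, 90, 10, 7) != 0;   /* exactly fits */
    return (A[99] == 7 && A[89] == 0) ? rejected : -1;
}

int main(void)
{
    printf("rejected %d out-of-bounds requests\n", demo());
    return 0;
}
```

The length check in fill_checked is written as count > len - start rather than start + count > len so that a very large count cannot wrap around and pass the test.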