Buffer
Overflow Causes. ©2002, Jedidiah R. Crandall, Susan L. Gerhart, Jan G.
Hogle.
http://sfsecurity.pr.erau.edu
Unsafe library function calls - Problem.
Unsafe library
functions are one of the main constituents of the buffer
overflow problem. Even simple ones like printf() have
caused buffer overflow security
problems.
The problem is that many
library functions don’t do bounds checking unless
explicitly told to, and also many stdio.h
functions use format strings which opens the door to all sorts
of weird exploits.