Buffer Overflow Causes. ©2002, Jedidiah R. Crandall, Susan L. Gerhart, Jan G. Hogle.
http://sfsecurity.pr.erau.edu
Old code used for new purposes - Recommendations.
•Enumerate and challenge all assumptions you’ve made about the interaction between old code and new.
•Test thoroughly.
•Test old code when you’re using it for new purposes, even if you tested it before. If your software allows the user to use UNICODE, then do all of the testing you did for ASCII with UNICODE as well.
•Include the old code in code inspection, even if you inspected it before.
•Test code on every type of platform it will likely be used on. Depending on how the processor arranges memory, you might have an off-by-one error of a single byte that has no effect on program execution for a Sun processor but would have a noticeable effect on program execution for an Intel processor.
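The platform point in the last recommendation, as an added example that is not part of the original module: the same one-byte overrun leaves an adjacent counter intact under one byte order and corrupts it under the other. It assumes the memory-arrangement difference meant is byte order (SPARC big-endian, x86 little-endian); the layout, the names `legacy_copy` and `counter_after_copy`, and the input are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed layout: an 8-byte buffer followed directly by a 32-bit
   counter, modelled as one byte array so the overrun is well-defined. */
enum { BUF_LEN = 8, REGION_LEN = BUF_LEN + 4 };
typedef enum { ORDER_BIG, ORDER_LITTLE } byte_order;

static void store_u32(unsigned char *p, uint32_t v, byte_order o) {
    for (int i = 0; i < 4; i++) {
        int shift = (o == ORDER_BIG) ? 8 * (3 - i) : 8 * i;
        p[i] = (unsigned char)(v >> shift);
    }
}

static uint32_t load_u32(const unsigned char *p, byte_order o) {
    uint32_t v = 0;
    for (int i = 0; i < 4; i++) {
        int shift = (o == ORDER_BIG) ? 8 * (3 - i) : 8 * i;
        v |= (uint32_t)p[i] << shift;
    }
    return v;
}

/* Old-style copy that forgets room for the terminator: an input of exactly
   BUF_LEN characters puts the NUL one byte past the buffer. */
static void legacy_copy(unsigned char *region, const char *src) {
    size_t n = strlen(src);
    if (n > BUF_LEN) n = BUF_LEN;      /* bug: should be BUF_LEN - 1 */
    memcpy(region, src, n);
    region[n] = '\0';
}

/* Returns the counter value after the copy for the given byte order. */
uint32_t counter_after_copy(uint32_t counter, const char *src, byte_order o) {
    unsigned char region[REGION_LEN] = {0};
    store_u32(region + BUF_LEN, counter, o);
    legacy_copy(region, src);
    return load_u32(region + BUF_LEN, o);
}

int main(void) {
    const char *input = "ABCDEFGH";    /* constructed: exactly BUF_LEN chars */
    printf("big-endian:    %u\n", (unsigned)counter_after_copy(1000, input, ORDER_BIG));
    printf("little-endian: %u\n", (unsigned)counter_after_copy(1000, input, ORDER_LITTLE));
    return 0;
}
```

A test suite run only on the big-endian layout passes with the bug present, which is why the recommendation asks for testing on every target platform.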