Buffer
Overflow Intro. ©2002, Jedidiah R. Crandall, Susan L. Gerhart, Jan G.
Hogle.
http://sfsecurity.pr.erau.edu
How
to hijack the mailroom: the stack arrangement is the culprit
When the GetLastName() subroutine is called, a buffer is put on the stack for its use. The buffer is an array of 10 mailboxes to store 10 characters for Patty’s last name.
An 11th character is needed for the return address, to tell Norman where to resume execution after he’s finished with GetLastName().
An 11th character is needed for the return address, to tell Norman where to resume execution after he’s finished with GetLastName().