Buffer
Overflow Intro. ©2002, Jedidiah R. Crandall, Susan L. Gerhart, Jan G.
Hogle.
http://sfsecurity.pr.erau.edu
How to hijack the mailroom: the stack arrangement is the culprit
When the GetLastName()
subroutine is called, a buffer is put on the stack for its
use. The buffer is an array of 10 mailboxes to store 10
characters for Patty’s last name.
An 11th character is
needed for the return address, to tell Norman where to resume
execution after he’s finished with GetLastName().