Buffer Overflow Causes. ©2002, Jedidiah R. Crandall, Susan L. Gerhart, Jan G. Hogle.
http://sfsecurity.pr.erau.edu

Old code used for new purposes

Programmers often reuse code that someone else wrote a long time ago. If you write a program that limits a user's input to 100 characters and then puts those characters into the old code's 101-byte buffer, you can still get a buffer overflow. How?

When the old code was written, the programmer assumed the use of ASCII, where 1 character fills 1 byte. Your new code uses Unicode (which supports international character sets), where 1 character fills two bytes. This was the cause of Code Red.
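
The mismatch described above, as an added example that is not code from the original page: a length check counted in characters beside one derived from the destination size in bytes. All names are hypothetical, the 256-byte arena stands in for the 101-byte buffer plus the memory next to it so the overrun can be observed safely, and the input is constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define LEGACY_BUF_BYTES 101 /* old code's buffer: 100 ASCII chars + NUL */
#define MAX_INPUT_CHARS  100 /* new code's input limit, counted in characters */
#define ARENA_BYTES      256 /* constructed: legacy buffer plus adjacent memory */
#define CANARY           0xCC
typedef uint16_t wide_t;     /* assumed 2-byte character, as in the text */

/* Flawed: limits the character count, then copies bytes. Returns the number
   of bytes written past the 101-byte buffer, or -1 if the input is rejected. */
long store_flawed(unsigned char *arena, const wide_t *src, size_t nchars)
{
    if (nchars > MAX_INPUT_CHARS)
        return -1;
    size_t nbytes = (nchars + 1) * sizeof(wide_t); /* +1 for the terminator */
    memcpy(arena, src, nbytes); /* stays inside the 256-byte arena */
    return nbytes > LEGACY_BUF_BYTES ? (long)(nbytes - LEGACY_BUF_BYTES) : 0;
}

/* Corrected: the limit is derived from the destination size in bytes. */
long store_checked(unsigned char *arena, const wide_t *src, size_t nchars)
{
    if (nchars >= LEGACY_BUF_BYTES / sizeof(wide_t))
        return -1; /* text plus terminator would not fit in 101 bytes */
    memcpy(arena, src, (nchars + 1) * sizeof(wide_t));
    return 0;
}

/* 1 if any byte beyond the legacy buffer no longer holds the canary. */
int adjacent_clobbered(const unsigned char *arena)
{
    for (size_t i = LEGACY_BUF_BYTES; i < ARENA_BYTES; i++)
        if (arena[i] != CANARY) return 1;
    return 0;
}

int main(void)
{
    unsigned char arena[ARENA_BYTES];
    wide_t input[MAX_INPUT_CHARS + 1] = {0};
    for (size_t i = 0; i < MAX_INPUT_CHARS; i++) input[i] = 'A'; /* constructed */
    memset(arena, CANARY, sizeof arena);
    long past = store_flawed(arena, input, MAX_INPUT_CHARS);
    printf("flawed:  %ld bytes past, clobbered=%d\n", past, adjacent_clobbered(arena));
    printf("checked: %ld\n", store_checked(arena, input, MAX_INPUT_CHARS));
    return 0;
}
```

With 2-byte characters, the 101-byte buffer holds at most 49 characters plus a terminator, so the 100-character limit admits input twice the size the old code can take.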