Buffer Overflow Causes. ©2002, Jedidiah R. Crandall, Susan L. Gerhart, Jan G. Hogle.
http://sfsecurity.pr.erau.edu
Old code used for new purposes
Programmers often reuse code that someone else wrote a long time ago. If you write a program that limits a user’s input to 100 characters and then puts that input into the old code’s 101-byte buffer, you can still get a buffer overflow.
How?
When the old code was written, the programmer assumed the use of ASCII, where 1 character fills 1 byte. Your new code uses Unicode (which supports international character sets), where 1 character fills 2 bytes. This was the cause of Code Red.