11189368
Description
Flashcards by Shahmeran Gilani, updated more than 1 year ago
|
Created by Shahmeran Gilani
over 6 years ago
|
|
| Question | Answer |
| What is a Buffer Overrun? | An anomaly that happens when you are writing data to a program and you overrun the buffers boundary and overwrite adjacent memory locations |
| Why are buffer overruns a problem? | Its because of poor coding practice |
| What type of functions are most common areas of buffer overruns? | String-Handling Functions |
| When a buffer declared on a stack is overwritten by copying data larger that the buffer capacity is considered what type of overrun? | Stack Overruns |
| Where are variables declared on the stack located by? | Variables declared on the stack are located next to the return address for the functions caller |
| Unchecked user input is passed into what unchecked function to produce a stack overrun? | strcpy |
| What is the result of sending a unchecked string input into strcpy? | The return address for the function gets overwritten by an address chosen by the attacker |
| What is one way of finding out that a buffer overrun exploit is achievable? | By getting a application error message which returns the letter we used to overrun the buffer |
| What are some of the uses of using perl? | Perl is a scripting language that allows to input ASCII characters into a script. |
| What are other examples of overruns? | Heap Overruns Array Indexing Errors Format String Bugs Unicode Buffer Size Mismatches |
| What is the easiest method to prevent a Buffer overrun? | Prevent it by validating all inputs coming into your functions |
| What is Safe String Handling? | It is the largest source of buffer overruns |
| Why shouldn't the strcpy (char *strDestination.char*strSource) be used? | It is unsafe. it can blow up due to: source or destination being null, having source string larger than destination |
| By using this statement: If (strlen(input) < sizeof(buf) ) Which unsafe function can you make a bit safer? | Strycpy. In this case you check the input buffer for proper length |
| True or False? Sprintf() is a safe function in c++ | False. It is just as bad as strcpy() |
| Strncpy(char*strDestination.char*strSource,Count) is safer than strcpy because it adds a count argument. Why is this still vulnerable to buffer overruns? | This is because you can pass a count that is larger than the destinations buffer size. If the source is bigger than the buffer, you will still get a buffer overrun. |
| What is a safe set of string handling functions? | Strsafe.h; Its been implemented into the latest Microsoft compilers |
| Visual C++ .NET/GS Options are compiler settings that prevents simple stack overruns by using ______ . This is still vulnerable to ______ stack overruns | Pointers ; Difficult |
Want to create your own Flashcards for free with GoConqr? Learn more.