Chapter 11 Software Flaws and Malware
Buffer overflow:
Input length is greater than the length of buffer. The
information in the buffer gets overwritten. A canary tells when the
buffer is full if it the canary value is overwritten. Race conditions: Security processes should be atomic (occur at the same time all of them). Since they are not Trudy can get inbetween the processes like mkdir in Unix and get access to the directories made. Incomplete mediation: The input length of data is longer than the buffer length, this creates an error with this name. How to detect malware:
|