|
Buffer Overflow is an unfortunate programming error. Within a computer’s internal memory are a series of containers called buffers. When running a program that communicates over the Internet, such as a web browser, the technology functions so that the contents in the buffers of the network server are transferred to the buffers in the computer.
One example is when a password is entered on a web page. The password is stored in its own buffer on the local computer. Consider, for example, that this buffer could only have enough space for eight characters. If the programr forgets to check the buffer size, the buffer runs over if someone enters more than eight characters.
Unfortunately, not all programrs are aware of this. If those who write software have not included a routine that checks if enough room exists in the buffer, the areas that are physically next to the buffer will be overwritten. This is extremely regrettable. The computer gives no warning and continues to run as if nothing has happened.
Unfortunately, the overwritten areas can hold important instructions for the software that’s running, such as “Please provide an overview of all my documents”.
This is exactly the type of weakness that virus creators exploit. They can make a virus that sends a larger data packet than the computer’s buffer capacity. If the hacker discovers exactly where the most important instructions are located, the virus can be programd so that it overwrites these instructions with completely different commands, such as “Delete all of my documents now”. And then the user is out of luck.
|