What is a Buffer Overflow in a Program

Our day-to-day life is made up of hundreds of programs. There is no time in our day when we don't access one, be it a "traditional" program (which requires installation) or a web program. This time, we are going to explain everything you need to know about one of the oldest and most popular security flaws. The buffer overflow is one of the main headaches of developers. Over the years, it has become one of the allies of cybercriminals for carrying out other attacks that are as dangerous as this one, or more so.

But what exactly is a buffer overflow? It is a memory safety problem in which the program does not consider or verify its storage limits. The program's memory then receives more data than it was designed to handle. Besides causing the program to malfunction or simply stop unexpectedly, this can bring to light vulnerabilities that can be exploited.

An interesting fact is that buffer overflows are one of the most common reasons why arbitrary code execution attacks are possible. Also, many programs developed in classic languages such as C and C++ are considered quite susceptible to this type of problem.

A security problem that persists over the years

Years have passed and this type of security problem is practically as relevant as it was in the early years. There is no single explanation for why, after more than 10 years, this continues to be a tremendous headache for anyone involved in the development and/or maintenance of programs vulnerable to this failure.

Another factor that fuels the popularity of this type of failure is the enduring popularity of the IoT, that is, the Internet of Things. More than ever, there is a chance that an object we frequently use in our home or workplace can connect to a network. The unfortunate side of this welcome trend is that many IoT devices are controlled by very low-quality firmware. Furthermore, security controls and measures are practically nil. We know that there are many reputable manufacturers that do their best to protect not only devices but also users. However, there are just as many manufacturers that leave aside the security aspect of a good user experience.

Buffer overflow failure in action

Before moving on to a practical example, it is important to be clear about the concept of the buffer. In programming, this consists of memory locations that belong to a program. That is, a program has multiple memory locations to store all the data that is generated as a result of its use. Any developer should be aware that buffers are essential for the proper operation of any program they develop. If this aspect is neglected, programs will have a lot of trouble working properly, or will stop working.

So, what happens during a buffer overflow is that a process is executed that causes the affected program to generate more data than its buffers can store. That data, which is generated as the program itself is used, therefore goes to locations in memory that are not prepared to store it. Next, we share a highly practical and easy-to-understand video. Let's see how the failure is put into practice with a simple program developed in the C language.

Fortunately, the video has opted for a very simple program: a form that only asks you to enter your name and surname on the keyboard. It lets you understand in a few minutes how this type of failure behaves. Let's carry the example from this video over to an everyday situation.

Imagine that you surf the web and come across a service that has caught your attention. You decide to subscribe, and for this you need to fill out a form with a few details. You just need to provide your name, surname and email.

First name:
Last name:
Email:

Then, you enter your data.

First name: Lorena
Last name: Fernández
Email: lorena.fernandez@ejemplo.com

So far, everything is normal. But what if you try to subscribe and put a very long name in the field? For example, this:

First name: Lorenaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
Last name: Fernández
Email: lorena.fernandez@ejemplo.com

You click on Register and suddenly the form displays an error message that nobody can make sense of: a jumble of letters and numbers. You try to fill in the data again by changing the content of the fields directly, but nothing happens. Only by closing the website and reopening it can you get back to the blank form and start again. This is how the buffer overflow works.
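The same failure in a small C program, as an added example that is not taken from the original article or from the video it mentions: a name field and a surname field sit side by side in memory, the unchecked copy lets a long name spill into the surname, and the checked copy rejects it. The struct layout, function names and sample values are assumptions made for illustration, and the two fields share one byte array so the demonstration stays within defined behaviour.

```c
#include <stdio.h>
#include <string.h>

#define NAME_LEN    16
#define SURNAME_LEN 16
/* Constructed sample input, longer than the 16-byte name field. */
#define LONG_NAME "Lorenaaaaaaaaaaaaaaaaaaa"

/* Two adjacent fields in one block: [0,16) name, [16,32) surname. */
struct form { char bytes[NAME_LEN + SURNAME_LEN]; };

static char *name_of(struct form *f)    { return f->bytes; }
static char *surname_of(struct form *f) { return f->bytes + NAME_LEN; }

static void init_form(struct form *f) {
    memset(f->bytes, 0, sizeof f->bytes);
    memcpy(surname_of(f), "Fernandez", sizeof "Fernandez");
}

static int surname_intact(struct form *f) {
    return strcmp(surname_of(f), "Fernandez") == 0;
}

/* Flawed: trusts the input length. Anything over NAME_LEN - 1 characters
 * spills into the surname. Demo inputs stay under 32 bytes so the write
 * never leaves the bytes array. */
static void set_name_unchecked(struct form *f, const char *input) {
    memcpy(name_of(f), input, strlen(input) + 1);
}

/* Hardened: checks the limit first and rejects input that does not fit. */
static int set_name_checked(struct form *f, const char *input) {
    size_t n = strlen(input);
    if (n >= NAME_LEN) return -1;
    memcpy(name_of(f), input, n + 1);
    return 0;
}

int main(void) {
    struct form f;
    init_form(&f);
    set_name_unchecked(&f, LONG_NAME);
    printf("unchecked: surname is now \"%s\"\n", surname_of(&f));
    init_form(&f);
    if (set_name_checked(&f, LONG_NAME) != 0)
        printf("checked: rejected, surname still \"%s\"\n", surname_of(&f));
    return 0;
}
```

In a real program the bytes after a buffer are rarely another form field; they may be other variables or control data, which is why the unchecked version is dangerous rather than merely untidy.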

Bridge for other cyber attacks

Of course, there are somewhat more complex situations than a simple form. Still, the situation shown makes it clear that any program, application or service developed with poor security practices can suffer from this type of failure.

This even gives cybercriminals the power to execute malicious code and thus have a much wider field of attack. This means that many other attacks can be carried out if the failure is exploited successfully: DDoS attacks, SQL injections, phishing attacks if users' personal data is accessed, and even data leaks.

How to effectively protect yourself from this failure

One of the main recommendations, especially for developers, is to follow standards for developing secure code. In addition, awareness must be raised about the importance of making security one of the priorities when designing any type of software. Depending on the language you use, the framework and other aspects, you can find multiple guides with extremely detailed standards. They will help you develop code securely to prevent not only buffer overflows, but also other potential security threats. The OWASP project, in its Top 10 section, presents the main security threats for any type of web solution; we recommend you take a look.

Likewise, these guides propose opting for programming languages that, in addition to being efficient in terms of memory usage, are safe. The same applies to any framework or library that needs to be used. Another, more specific recommendation for developers is that applications be built as, for example, position-independent executables. What is this for? To limit the impact that a buffer overflow could cause, assuming that the event could not be caught and contained. We are talking not only about prevention, but also about mitigating the impact. If we talk about security flaws, the limits are almost infinite.

We mentioned above that buffer overflow is a persistent problem in programs developed in languages like C and C++. Fortunately, developers have worked together to develop and spread better and safer practices. By practices we mean the development of the software itself. Consequently, many manufacturers, large and small, have already adopted such practices in their development cycle.