Buffer overflow 

1 hour.

The purpose of this exercise is to introduce students to the concept of a buffer overflow and give them a first-hand opportunity to see buffer overflows in source code and exploit them.

Buffer overflows are a unique kind of occurrence enabled by poor programming in certain languages (for example C, C++, and assembly code) that allow the use of fixed memory buffers for storing variable-size data and do not include automatic bounds checking. A buffer is a bounded region of memory into which data can be stored. Buffer overflows result when a buffer is assigned more data than it can hold. The buffer "overflows" into the next available memory space, which happens to record the pointer to the next instruction segment to be executed by the host machine. This gives the opportunity to the attacker to overflow the buffer with code, which when executed can give the attacker a way to get into the host machine. In this exercise students will learn the basics of buffer overflows and how to identify them in source code, and exploit them.