Showing posts with label stack overflow. Show all posts

Sunday, July 24, 2016

Introduction to Stack Buffer Overflows: Overwriting Data

Introduction to Buffer Overflows 


In the previous post, we talked about the stack layout on x86 processors and the x86 general registers and instruction set. In this post, we will learn how stack buffer overflows occur and how we can exploit this vulnerability to overwrite data in memory.

A buffer is a generic term for a block of data storage in memory. A buffer overflow is a condition that occurs when we put more data into the buffer than that buffer can hold. The extra data overflows into the next region of memory, and this will usually cause the program to crash. However, sometimes, it is possible to overflow into a specific region of memory with a specific value such that when the computer attempts to use that memory, the data is valid.

Thursday, July 21, 2016

Stack Buffer Overflow Primer: Stack and Assembly in x86

Introduction


A buffer overflow is a very well-known vulnerability that occurs when it is possible to put more data into a buffer than that buffer can hold. In the coming tutorials, we will learn about this vulnerability and how it can be exploited. In this tutorial, however, we will go over some concepts that will be necessary to know in order to understand the buffer overflow.

The Stack Structure


The stack is a data structure that holds information about functions while the program is executing. Whenever a function is called, a new stack frame is pushed onto the stack. When the function is finished executing, its stack frame is popped off the stack.  Consider the following program