Glossary · Term

buffer overflow

← all terms

Definition

Plain language

A bug where a program writes more data into a chunk of memory than it can hold, spilling into neighboring memory and often opening a security hole.

As stated in the literature

A memory-safety vulnerability in which a write exceeds the bounds of an allocated buffer, corrupting adjacent memory; in the heap variant, allocator metadata or neighboring objects get overwritten, frequently yielding exploitable conditions.

Also called: buffer overflows, heap buffer overflow

Why it matters: It is one of the most common ways attackers seize control of a program, so guarding against it is fundamental to writing secure software.

For example, a program that reserves room for ten characters but copies in a hundred-character name can spill the extra data into nearby memory and crash or be hijacked.

Heard on the show

“At the end, you ask a solver: is there a concrete input that would reach this exact line and cause a buffer overflow?”
Episode 014 — Why a Constrained Pipeline Beat a Full Coding Agent at Finding Bugs 30-to-1

Mentioned in 1 episode

  1. 014
    Why a Constrained Pipeline Beat a Full Coding Agent at Finding Bugs 30-to-1

Related concepts

Related terms