Object-code Buffer Overrun Evaluator - definizione. Che cos'è Object-code Buffer Overrun Evaluator
Diclib.com
Dizionario ChatGPT
Inserisci una parola o una frase in qualsiasi lingua 👆
Lingua:

Traduzione e analisi delle parole tramite l'intelligenza artificiale ChatGPT

In questa pagina puoi ottenere un'analisi dettagliata di una parola o frase, prodotta utilizzando la migliore tecnologia di intelligenza artificiale fino ad oggi:

  • come viene usata la parola
  • frequenza di utilizzo
  • è usato più spesso nel discorso orale o scritto
  • opzioni di traduzione delle parole
  • esempi di utilizzo (varie frasi con traduzione)
  • etimologia

Cosa (chi) è Object-code Buffer Overrun Evaluator - definizione

ANOMALY IN COMPUTER SECURITY AND PROGRAMMING THAT COULD BE EXPLOITED AS A SECURITY VULNERABILITY
Buffer-overrun; Buffer Overflow; Stack smash; Buffer overrun; Buffer overflows; Buffer overruns; Xrun; DLL trampolining; Pointer protection
  • Visualization of a software buffer overflow. Data is written into A, but is too large to fit within A, so it ''overflows'' into B.

Object-code Buffer Overrun Evaluator      
<security, programming, tool> (OBOE) A tool by R. Banfi, D. Bruschi, and E. Rosti for the automatic detection of buffer overflow vulnerabilities in object code. OBOE can be applied to operating system components as well as ordinary application programs. It was designed for the system administrator to identify vulnerable programs before they are exploited. Being automatic, OBOE can be run as a background process for the analysis of all potentially insecure programs installed on a Unix system. It runs on HP-UX, Linux, and Sun Solaris. http://idea.sec.dsi.unimi.it/research.html. (2003-10-25)
object code         
COMPUTER CODE COMPILED FROM SOURCE CODE
Object Code; Overhead code; Code object
The machine code generated by a source code language processor such as an assembler or compiler. A file of object code may be immediately executable or it may require linking with other object code files, e.g. libraries, to produce a complete executable program. (1995-01-31)
buffer overrun         

Wikipedia

Buffer overflow

In information security and programming, a buffer overflow, or buffer overrun, is an anomaly whereby a program, while writing data to a buffer, overruns the buffer's boundary and overwrites adjacent memory locations.

Buffers are areas of memory set aside to hold data, often while moving it from one section of a program to another, or between programs. Buffer overflows can often be triggered by malformed inputs; if one assumes all inputs will be smaller than a certain size and the buffer is created to be that size, then an anomalous transaction that produces more data could cause it to write past the end of the buffer. If this overwrites adjacent data or executable code, this may result in erratic program behavior, including memory access errors, incorrect results, and crashes.

Exploiting the behavior of a buffer overflow is a well-known security exploit. On many systems, the memory layout of a program, or the system as a whole, is well defined. By sending in data designed to cause a buffer overflow, it is possible to write into areas known to hold executable code and replace it with malicious code, or to selectively overwrite data pertaining to the program's state, therefore causing behavior that was not intended by the original programmer. Buffers are widespread in operating system (OS) code, so it is possible to make attacks that perform privilege escalation and gain unlimited access to the computer's resources. The famed Morris worm in 1988 used this as one of its attack techniques.

Programming languages commonly associated with buffer overflows include C and C++, which provide no built-in protection against accessing or overwriting data in any part of memory and do not automatically check that data written to an array (the built-in buffer type) is within the boundaries of that array. Bounds checking can prevent buffer overflows, but requires additional code and processing time. Modern operating systems use a variety of techniques to combat malicious buffer overflows, notably by randomizing the layout of memory, or deliberately leaving space between buffers and looking for actions that write into those areas ("canaries").