978-0840020932 Chapter 12

Chapter 12: Buffer Overflows

TRUE/FALSE

1. Buffer overflow is a condition common to structured programming languages such as the “C” language.

2. Functions use variables to store values that may be stored temporarily or permanently.

3. Buffer overflows are always intentional attacks.

4. A stack cannot store details regarding the function that called the currently executing function.

5. A heap provides a permanent memory space unlike the temporary memory space that is provided by a

stack.

MULTIPLE CHOICE

1. The “____” language was used to write utilities and operating systems, including UNIX and Windows.

a.

C

c.

Basic

b.

Java

d.

Fortran

2. When a user requests to execute a “C” program file, the primary function referred to is the ____ function.

a.

start

c.

load

b.

open

d.

main

3. The ____ bug targets the variables that are used by functions to store values.

a.

overload

c.

flood

b.

buffer overflow

d.

DoS

4. To circumvent stack buffer overflows, programmers create applications that do not allow extra

characters to be accepted by a variable making the traditional buffer overflow method problematic. This

check can be bypassed by using the ____ method.

a.

character hashing

c.

character-set decoding

b.

nybble-to-byte compression

d.

set encryption

5. The ____ function is a secure replacement for the gets() function.

a.

strncat()

c.

strncpy()

b.

snprintf()

d.

fgets()

COMPLETION

1. ____________________ happens when input applied to a variable is larger than the memory allotted to

that variable.

2. ____________________ has a goal of overloading the memory space provided to the variable. This

might either allow the attacker to crash the computer or break into it.

3. On some specific operating systems, the kernel can be patched in such a way that running processes are

not affected by buffer overflow conditions. This patch is called ______________________________.

4. Buffer overflows can be divided into two categories: _________________________ and heap overflow.

5. A(n) ____________________ is known as the corruption of the instruction pointer, which points to the

memory area where the function to be executed is stored.

SHORT ANSWER

1. How can buffer overflows be avoided?

2. Why do programs need a memory stack area?

3. What are the steps involved in a buffer overflow exploit?

4. What are some of the C functions susceptible to buffer overflow?

5. Describe the nybble-to-byte compression method.