缓冲区溢出攻击与防范

随着计算机和网络技术的发展,计算机和网络的安全正受到日益严重的威胁。各种攻击手段不断出现,造成计算机和网络不能正常运行、数据受到破坏和窃取等。缓冲区溢出攻击是对计算机和网络进行攻击的常见方法之一。它是利用向一个有限的缓冲区中拷贝过长的字符串,导致缓冲区相邻存储单元被覆盖,从而使程序运行失败或跳转到攻击者设计的攻击代码处执行攻击代码。这样攻击者就有机会获取计算机或网络服务器的控制权。介绍了代码植入、参数传递、利用活动记录和函数指针及长跳转缓冲区等攻击方法。同时,介绍了缓冲区溢出攻击的防范措施。

Attack and Defense Based on Buffer Overflow

With the development of the technology of computers and networks, the safety of them is facing more and more serious threaten. The situations that computers or networks stop operate and the data in computers is destroyed or stolen are constantly appearing. The way based on buffer overflow is one of the means used by attackers. It makes the program in computer work abnormally or jump to the code made by the attacker through copying such a long string into a limited buffer that the store units neighboring the buffer is rewritten, so attacker has access to obtain the controlling authority of the computers and the servers. The attack's means, such as putting code, passing parameters, using activation records and function pointers, and long - jumping to buffer and so on, were described. Meanwhile, the ways that prevent the buffer from attacking were introduced.