What is the main cause?

Why do buffer overflows happen? What is the main cause?

Why do buffer overflows happen? What is the main cause?

A.
Because buffers can only hold so much data

B.
Because of improper parameter checking within the application

C.
Because they are an easy weakness to exploit

D.
Because of insufficient system memory

Explanation:
In computer security and programming buffer overflow is a type of application error. The application’s lack of
proper checking of parameters causes the buffer overflow.
A buffer overflow, or buffer overrun, is an anomaly where a program, while writing data to a buffer, overruns the
buffer’s boundary and overwrites adjacent memory locations. This is a special case of the violation of memory
safety.
Incorrect Answers:
A: It is true that there is a limit of data that can be handled by a buffer, but this limit is not the cause of the
overflow.
B: Buffer overflows can be exploited, but the cause is a flaw in the program. The exploitation does not cause
the overflow.
D: Insufficient memory does not cause overflows. The overflow is caused by a flow in the application.

Conrad, Eric, Seth Misenar and Joshua Feldman, CISSP Study Guide, 2nd Edition, Syngress, Waltham, 2012,
p. 71



Leave a Reply 0

Your email address will not be published. Required fields are marked *