Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
Some time ago I heard about memory invasions, when some part of software A gets inside another part of the same software A, therefore stopping the program from working correctly.
Do memory invasion really exist? I mean, I’ve been using C++ and I know arrays can grow indefinetly, but can they grow over other structures? If arrays won’t generate MI’s, what will?
You’re describing a buffer overflow, and yes, they are a large source of security problems in software. If someone can overrwrite program code with arbitrary data, and that arbitrary data contains executable code of the attacker’s choice, then they can essentially execute machine code with the priviledge level of the program in which the overflow occurred.
This problem usually happens when a fixed amount of storage is allocated for an unknown amount of input (from keyboard, network, API call, etc.), and the amount of input turns out to be larger than the size of the storage. In programming languages that do not perform bounds checking on array accesses, this can result in executable areas of code being overwritten. Technologies like DEP can mitigate this risk by write-protecting executable areas of memory.