In software, a stack buffer overflow (also known as stack smashing) occurs when a program writes to a memory address on the program's call stack outside of the intended data structure; usually a fixed length buffer. Stack buffer overflow bugs are caused when a program writes more data to a buffer located on the stack than there was actually allocated for that buffer. This almost always results in corruption of adjacent data on the stack, and in cases where the overflow was triggered by mistake, will often cause the program to crash or operate incorrectly. This type of overflow is part of the more general class of programming bugs known as buffer overflows.
If the affected program is running with special privileges, or accepts data from untrusted network hosts (e.g. a webserver) then the bug is a potential security vulnerability. If the stack buffer is filled with data supplied from an untrusted user then that user can corrupt the stack in such a way as to inject executable code into the running program and take control of the process. This is one of the oldest and more reliable methods for black hat hackers to gain unauthorized access to a computer.
Famous quotes containing the words stack and/or overflow:
“Farewell to barn and stack and tree,
Farewell to Severn shore.
Terence, look your last at me,
For I come home no more.”
—A.E. (Alfred Edward)
“A mans interest in the world is only the overflow from his interest in himself. When you are a child your vessel is not yet full; so you care for nothing but your own affairs. When you grow up, your vessel overflows; and you are a politician, a philosopher, or an explorer and adventurer. In old age the vessel dries up: there is no overflow: you are a child again.”
—George Bernard Shaw (18561950)