From the course: Programming Foundations: Secure Coding
Unlock this course with a free trial
Join today to access over 24,700 courses taught by industry experts.
Memory management
From the course: Programming Foundations: Secure Coding
Memory management
- Memory management vulnerabilities are a very special class in that they're only exposed in certain languages and certain situations. The most common, and the one that I'll focus on, is the buffer overflow attack. I want to start by providing a clear indication of how bad buffer overflow vulnerabilities are. There are several yearly contests that result in large sums of prize money for security researchers that compromise systems, often called rooting. Some of the most profitable vulnerabilities are a result of buffer overflow attacks, including many of the zero days that are found. These attacks are catastrophic and can be expensive. But unfortunately, they can be hard for those developers who deal with higher level languages to see or even understand. In higher-level languages, for instance, we seldom deal with raw memory allocations. Even in languages like Go, Java, and C# where we have pointers, we're not usually able to manipulate raw memory without dropping into unsafe code. As…