Buffer Overflow
What is Buffer Overflow?
A memory-safety flaw where a program writes past the end of an allocated buffer, corrupting adjacent memory and often enabling code execution.
Buffer overflows occur when input lengths are not properly bounded against the size of the destination buffer in languages like C and C++. The extra bytes overwrite neighbouring stack frames, heap chunks, function pointers, or return addresses, allowing attackers to hijack control flow or leak data. A classic stack smash overwrites the saved return address so the function "returns" into attacker-supplied shellcode; heap overflows instead corrupt allocator metadata or adjacent objects to gain a write primitive.
The pattern has driven internet history. The 1988 Morris Worm spread through a stack overflow in BSD fingerd; Code Red (2001) abused an unchecked buffer in the IIS .ida ISAPI filter (CVE-2001-0500); and SQL Slammer (2003) exploited the SQL Server Resolution Service overflow (MS02-039 / CVE-2002-0649), infecting roughly 75,000 hosts within ten minutes via a single 404-byte UDP packet to port 1434 — six months after the patch shipped.
Out-of-bounds write (CWE-787) ranked #2 on the 2024 CWE Top 25, behind only XSS. Modern mitigations layer stack canaries, ASLR, DEP/NX, Control-Flow Integrity (Intel CET, ARM PAC/BTI), safer libc functions, compiler hardening (_FORTIFY_SOURCE), fuzz testing, and — increasingly — porting hot code to memory-safe languages like Rust.
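The unbounded copy described above, beside the bounds-checked form that the "safer libc functions" mitigation refers to, as an added example (not code from the original page). The buffer size, the `copy_bounded` and `greet_checked` helpers and the sample inputs are constructed for illustration; the vulnerable `greet_unchecked` is included only for contrast and is never called with oversized input here.

```c
#include <stdio.h>
#include <string.h>
#include <stddef.h>

#define NAME_LEN 16   /* fixed-size destination buffer (constructed size) */

/* Vulnerable pattern: strcpy copies until the source NUL and never consults the
 * destination size. Any input of NAME_LEN bytes or more writes past the end of
 * 'name' into adjacent stack memory (saved registers, the return address).
 * Shown for contrast only; calling it with untrusted input is the bug. */
void greet_unchecked(const char *input)
{
    char name[NAME_LEN];
    strcpy(name, input);              /* no bounds check */
    printf("hello, %s\n", name);
}

/* Hardened pattern: check the input length against the destination size before
 * copying, and always keep room for the terminating NUL.
 * Returns 0 on success, -1 if the input was rejected as too long. */
int copy_bounded(char *dst, size_t dst_size, const char *src)
{
    if (dst_size == 0)
        return -1;
    /* memchr never reads beyond dst_size bytes of src, so an unterminated or
     * overlong source cannot cause an over-read here either. */
    const char *nul = memchr(src, '\0', dst_size);
    if (nul == NULL) {
        dst[0] = '\0';                /* reject: would not fit with its NUL */
        return -1;
    }
    size_t len = (size_t)(nul - src); /* len <= dst_size - 1 */
    memcpy(dst, src, len + 1);        /* copies the NUL as well */
    return 0;
}

/* Same behaviour as greet_unchecked for inputs that fit; overlong input is
 * rejected instead of overwriting the stack. */
int greet_checked(const char *input)
{
    char name[NAME_LEN];
    if (copy_bounded(name, sizeof name, input) != 0) {
        fprintf(stderr, "rejected: input longer than %d bytes\n", NAME_LEN - 1);
        return -1;
    }
    printf("hello, %s\n", name);
    return 0;
}

int main(void)
{
    /* constructed inputs: one that fits, one that would smash the stack */
    const char *ok = "alice";
    char too_long[64];
    memset(too_long, 'A', sizeof too_long - 1);
    too_long[sizeof too_long - 1] = '\0';

    greet_checked(ok);        /* prints the greeting, returns 0 */
    greet_checked(too_long);  /* rejected, returns -1, nothing overflows */
    return 0;
}
```

The check is `len >= dst_size`, not `len > dst_size`: a string of exactly `NAME_LEN` characters needs `NAME_LEN + 1` bytes once the terminator is counted, which is the classic off-by-one that `strncpy` alone does not save you from (it silently drops the NUL). Building with the compiler hardening named above (`-fstack-protector-strong -D_FORTIFY_SOURCE=2` on GCC or Clang) turns a missed check in code like `greet_unchecked` into an abort rather than a silent control-flow hijack, but it is a backstop, not a substitute for the length check.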
flowchart TD
A[Attacker sends oversized input] --> B{Length checked against<br/>buffer size?}
B -->|Yes, bounded| C[Input truncated / rejected]
B -->|No bounds check| D[Write past buffer end]
D --> E[Overwrite return address<br/>or function pointer]
E --> F[Control flow redirected]
F --> G[Attacker shellcode / ROP chain runs]
C --> H[Program continues safely]
● Examples
- CVE-2014-0160 (Heartbleed) — a memory read overflow in OpenSSL.
- Morris Worm (1988) exploited a stack buffer overflow in fingerd.
● Frequently asked questions
What is Buffer Overflow?
A memory-safety flaw where a program writes past the end of an allocated buffer, corrupting adjacent memory and often enabling code execution. It belongs to the Vulnerabilities category of cybersecurity.
What does Buffer Overflow mean?
A memory-safety flaw where a program writes past the end of an allocated buffer, corrupting adjacent memory and often enabling code execution.
How do you defend against Buffer Overflow?
Defences against Buffer Overflow combine secure coding (checking every input length against the destination buffer size, using safer libc functions, and porting hot code to memory-safe languages such as Rust) with compiler and platform hardening (stack canaries, _FORTIFY_SOURCE, ASLR, DEP/NX, and Control-Flow Integrity such as Intel CET and ARM PAC/BTI) and fuzz testing, as detailed in the full definition above.
What are other names for Buffer Overflow?
Common alternative names include: Buffer overrun.