Buffer over-read
In computer security and programming, a buffer over-read[1][2] or out-of-bounds read[3] is an anomaly where a program, while reading data from a buffer, overruns the buffer's boundary and reads (or tries to read) adjacent memory. This is a special case of violation of memory safety.
Buffer over-reads can be triggered, as in the Heartbleed bug, by maliciously crafted inputs that are designed to exploit a lack of bounds checking to read parts of memory not intended to be accessible. They may also be caused by programming errors alone. Buffer over-reads can result in erratic program behavior, including memory access errors, incorrect results, a crash, or a breach of system security. Thus, they are the basis of many software vulnerabilities and can be maliciously exploited to access privileged information.[citation needed]
At other times, buffer over-reads not caused by malicious input can lead to crashes if they trigger invalid page faults. For example, widespread IT outages in 2024 were caused by an out-of-bounds memory error in cybersecurity software developed by CrowdStrike.[4]
Programming languages commonly associated with buffer over-reads include C and C++, which provide no built-in protection against using pointers to access data in any part of virtual memory, and which do not automatically check that reading data from a block of memory is safe; respective examples are attempting to read more elements than contained in an array, or failing to append a trailing terminator to a null-terminated string. Bounds checking can prevent buffer over-reads,[5] while fuzz testing can help detect them.
See also
[edit]References
[edit]- ^ "CWE – CWE-126: Buffer Over-read". Common Weakness Enumeration (list version 4.15). February 18, 2014. Archived from the original on February 8, 2018. Retrieved July 24, 2024.
- ^ Strackx, Raoul; Younan, Yves; Philippaerts, Pieter; Piessens, Frank; Lachmund, Sven; Walter, Thomas (2009-01-01). "Breaking the memory secrecy assumption". Proceedings of the Second European Workshop on System Security. EUROSEC '09. New York, NY, USA: ACM. pp. 1–8. doi:10.1145/1519144.1519145. ISBN 9781605584720. S2CID 17259394.
- ^ "CWE - CWE-126: Buffer Over-read". Common Weakness Enumeration (list version 4.15). Archived from the original on August 17, 2023. Retrieved July 24, 2024.
- ^ "Falcon Content Update Remediation and Guidance Hub | CrowdStrike". crowdstrike.com. Archived from the original on 2024-07-24. Retrieved 2024-07-24.
- ^ Yves Younan; Wouter Joosen; Frank Piessens (2013-02-25). "Efficient protection against heap-based buffer overflows without resorting to magic" (PDF). Dept. of Computer Science, Katholieke Universiteit Leuven. Archived from the original (PDF) on 2013-09-05. Retrieved 2014-04-24.
External links
[edit]- PHP DateInterval Heap Buffer Overread Denial of Service
- PHP Bug #66060: Heap buffer over-read in DateInterval