Many of the crashes resulting from fuzz testing are direct results of memory allocation mistakes and buffer overflows.
由模糊测试导致的许多故障都是内存分配错误及缓冲器溢出的直接结果。
New tricks to counter buffer overflows.
防止缓冲区溢出的新技术。
In fact, buffer overflows are becoming more common.
事实上,缓冲区溢位正越来越普遍。
Common C and C + + mistakes that permit buffer overflows.
导致缓冲区溢出的常见c和C+ +错误。
However, none of this lets developers ignore buffer overflows.
然而,没有哪种方法允许开发人员忽略缓冲区溢出。
Buffer overflows have been causing serious security problems for decades.
几十年来,缓冲区溢位一直引起许多严重的安全性问题。
Some languages have "escape" clauses that allow buffer overflows to occur.
有些语言存在允许缓冲区溢出发生的“转义”子句。
Buffer overflows begin with something every program needs: a place to put bits.
缓冲区溢位开始于每个程序都需要的一些情况︰放置位元的空间。
This prevents the server from doing added CPU and disk work if the buffer overflows.
这可防止在缓冲区溢出时服务器进行额外的CPU和磁盘工作。
Let's dig deeper into why some kinds of buffer overflows have big security implications.
让我们更深入地了解某些缓冲区溢位会造成严重安全性隐患的原因。
Another way in which buffer overflows cause security problems is through stack-smashing attacks.
缓冲区溢位导致安全性问题的另一个方法是透过摧毁堆叠。
We'll go into the details of stack smashing in our third and fourth columns on buffer overflows.
我们将在缓冲区溢位的第三和第四专栏中详细讨论堆叠的摧毁。
Commonly, attackers exploit buffer overflows to get an interactive session (shell) on the machine.
一般地,攻击者利用缓冲区溢位得到机器上的交谈式Session (shell)。
The most spectacular buffer overflows are stack smashes that result in a superuser, or root, shell.
最惊人的缓冲区溢位是堆叠的摧毁,它会在超级使用者或root、shell 中造成后果。
Buffer overflows cause many software weaknesses and, therefore, are the basis of malicious exploits.
缓冲区溢出导致许多软件出现漏洞,并因此为恶意开发提供了可乘之机。
Some people believe that it's harder to find buffer overflows in Windows programs than in UNIX programs.
有些人认为在Windows程序中寻找缓冲区溢位比在UNIX程序中难。
In chart above, the number of vulnerabilities that can be directly attributed to buffer overflows is displayed.
以上图表中,显示了可以直接归为缓冲区溢位的弱点数。
Very long descriptors cause buffer overflows on the PS3, allowing code to be injected onto the stack and executed.
非常长的描述会引起PS3缓存溢出,导致允许代码注入栈并被执行。
In debug builds the MSVC compiler adds in extra data to help detect buffer overflows and use of uninitialized memory.
在调试版本中msvc编译器添加额外的数据来检测缓冲区溢出和使用未初始化的内存。
In this column we've introduced you to buffer overflows, which are probably the worst software security problem of all time.
在本专栏中,介绍了缓冲区溢位,它永远可能是最糟的软体安全性问题。
In doing so, it triggers a series of buffer overflows allowing it to write various pieces of data and code to the stack.
这样做,它触发出一系列的缓存溢出,以允许自己向栈写入许多数据和代码。
Ada normally detects and prevents buffer overflows (raising an exception on the attempt), but various pragmas can disable this.
Ada一般会检测和防止缓冲区溢出(即针对这样的尝试引发一个异常),但是不同的程序可能会禁用这个特性。
An alternative is to use another programming language, since almost all of today's other languages protect against buffer overflows.
一种替代方法是使用另一种编程语言,因为如今的几乎其他所有语言都能防止缓冲区溢出。
Likewise, when a buffer overflows, the excess data may trample on other meaningful data that the program might wish to access in the future.
同样地,当缓冲区溢位时,额外的资料会摧残程序将来可能要存取的其它有用的资料。
There are many common application-level security issues which can lead to security breaches, including buffer overflows and SQL injection.
有很多应用程序级别的普通保密问题会引起打破保密性,包括缓冲溢出和嵌入SQL。
It gives warnings about potential problems, such as buffer overflows that can occur when programming in c, and gives advice about how to prevent them.
它对潜在的问题提出警告,如在c中编程时可能出现的缓冲区溢出,并就如何预防这些问题提供了建议。
Beginning in 2004, users should start avoiding any operating system that fails to provide at least some automatic protection against buffer overflows.
从2004年开始,用户应该开始避免使用这样的操作系统,即它们至少没有对缓冲区溢出提供某种自动保护机制。
Any program that allows an external entity to input data is vulnerable to malicious activity, such as buffer overflows and embedded control characters.
任何允许外部实体来输入数据的程序都容易受到恶意的攻击,例如缓冲区溢出和嵌入式控制字符。
Also keep in mind that many times, updates are the only way to fix problems such as those related to buffer overflows, network client issues, and so on.
此外,您要记住,有些问题必须通过更新才能修复,比如缓冲溢出和网络客户端等问题。
We've already covered one common mistake, buffer overflows, in a previous column (see Resources for links to previous installments of Secure programmer).
以一个先前的专栏中我们已经论及了一个常见的错误:缓冲区溢出(参阅以获得安全编程先前部分的链接)。
应用推荐