This prevents the server from doing added CPU and disk work if the buffer overflows.
You also have to review every line of code to find this particular hole, assuming you understood that it existed.
Basically, if an attacker can overflow the bounds of a buffer, you're probably in trouble.
It gives warnings about potential problems, such as buffer overflows that can occur when programming in C, and gives advice about how to prevent them.
The overflow buffer is used to satisfy peak memory requirements for any heap in the instance shared memory region whenever a heap exceeds its configured size.
Any program that allows an external entity to input data is vulnerable to malicious activity, such as buffer overflows and embedded control characters.
Neither function gives a simple report if an overflow (and data loss) has occurred, so programmers have to do even more work if they want to detect that.
Fundamentally, all these approaches reduce the damage of a buffer overflow attack from a program-takeover attack into a denial-of-service attack.
Attacking using a buffer overflow can change this process and allow an attacker to execute any function they wish.
An attacker may be able to exploit a buffer overflow by changing the value of other data in the function; none of these approaches counter that.
The return value is always the size of the combined string if no buffer overflow occurred; this makes it really easy to detect an overflow.
Buffer overflows are the cause of many security problems.
An alternative is to use another programming language, since almost all of today's other languages protect against buffer overflows.
If an attacker can cause a buffer to overflow, then the attacker can control other values in the program.
Why are buffer overflows so common?
In the instance of a buffer overflow attack, an internal value in a program is overflowed to alter how the program runs.
There are a number of tools that can help detect buffer overflow vulnerabilities before they're released.
This kind of attack may also cause a buffer overflow.
Beginning in 2004, users should start avoiding any operating system that fails to provide at least some automatic protection against buffer overflows.
Now let's quickly review the buffer overflow problem.
This makes it much harder to manipulate the return address, but it doesn't defend against buffer overflow attacks that change the data of calling functions.
Memory space breach — Accomplished via stack overflow, buffer overrun, or heap error, enables execution of arbitrary code supplied by the attacker with the permissions of the host process.
What is a buffer overflow?
Often the attacker will overrun the buffer with the malicious code the attacker wants to run, and the attacker will then change the return value to point to the malicious code they've sent.
It turns out that there are many different techniques for countering buffer overflows, but they can be divided into two approaches: statically allocated buffers and dynamically allocated buffers.
A buffer overflow, or buffer overrun, occurs when a process attempts to store data beyond the boundaries of a fixed-length buffer.
Buffer overflows cause many software weaknesses and, therefore, are the basis of malicious exploits.
The extra data spills over into memory near the intended storage area and overwrites data that may have nothing to do with that area's original purpose.