Why Are So Many Programs Vulnerable?

As we have already mentioned, the main reason so many programs are vulnerable is the lack of error checking. If programmers or developers took the extra time to build more robust code that includes error checking, there would be fewer buffer overflow exploits.

One of the main reasons that so much code has no error checking is that developers make assumptions. They assume that, under normal operation, the amount of memory they allocate for a variable is sufficient. This may be true; however, attackers push the threshold, and when an attacker is testing a program for an exploit, it is no longer being used under normal conditions. Often, programs get released and work perfectly for several years, ...
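The assumption described above, shown in C as an added example (not code from the book): `store_name_unchecked` trusts that the input fits the buffer, while `store_name_checked` verifies the length and returns an error. The function names, the 16-byte buffer size and the sample inputs are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

#define NAME_BUF_SIZE 16  /* the developer's assumption: names fit in 15 chars */

/* Unchecked: correct only while the assumption holds. Any src of
 * NAME_BUF_SIZE characters or more is written past the end of dst. */
void store_name_unchecked(char *dst, const char *src)
{
    strcpy(dst, src);                      /* no length check */
}

/* Checked: compares the input with the real buffer size and reports an
 * error instead of overflowing or silently truncating.
 * Returns 0 on success, -1 on bad arguments or input that does not fit. */
int store_name_checked(char *dst, size_t dst_size, const char *src)
{
    const char *end;

    if (dst == NULL || dst_size == 0)
        return -1;
    dst[0] = '\0';                         /* defined content on every error path */
    if (src == NULL)
        return -1;
    end = memchr(src, '\0', dst_size);     /* look for the NUL within dst_size bytes */
    if (end == NULL)                       /* not found: no room for the terminator */
        return -1;
    memcpy(dst, src, (size_t)(end - src) + 1);  /* copy the string and its NUL */
    return 0;
}

int main(void)
{
    char name[NAME_BUF_SIZE];
    /* Constructed inputs: one "normal" value, one that breaks the assumption. */
    const char *inputs[] = { "alice", "a-name-far-longer-than-sixteen-bytes" };

    for (size_t i = 0; i < 2; i++) {
        if (store_name_checked(name, sizeof name, inputs[i]) == 0)
            printf("stored: %s\n", name);
        else
            printf("rejected: %zu-byte input does not fit\n", strlen(inputs[i]));
    }
    return 0;
}
```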
