Appendix A. A Security Attack Example: The Stack Overrun
Stack overruns are a good example of the kind of vulnerability that attackers often enthusiastically exploit. A famous example from the history of the Internet of such an attack was the Morris Internet Worm. This is just one of many interesting types of attacks that must be considered in secure programming. This particular type of attack is much more difficult to mount in a managed runtime environment, such as .NET or Java, but has been exploited in many large C or C++ programs, including SQL Server and IIS. Studying this simple example may help you get a feel for the resourcefulness and state of mind of your potential adversaries.
The Win32ProjectBufferOverflow example described in this ...
Get .NET Security and Cryptography now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
