Buffer over-read

In computer security and programming, a buffer over-read^[1]^[2] or out-of-bounds read^[3] is an anomaly where a program, while reading data from a buffer, overruns the buffer's boundary and reads (or tries to read) adjacent memory. This is a special case of violation of memory safety.

Buffer over-reads can be triggered, as in the Heartbleed bug, by maliciously crafted inputs that are designed to exploit a lack of bounds checking to read parts of memory not intended to be accessible. They may also be caused by programming errors alone. Buffer over-reads can result in erratic program behavior, including memory access errors, incorrect results, a crash, or a breach of system security. Thus, they are the basis of many software vulnerabilities and can be maliciously exploited to access privileged information.^{[citation needed]}

At other times, buffer over-reads not caused by malicious input can lead to crashes if they trigger invalid page faults. For example, widespread IT outages in 2024 were caused by an out-of-bounds memory error in cybersecurity software developed by CrowdStrike.^[4]

Programming languages commonly associated with buffer over-reads include C and C++, which provide no built-in protection against using pointers to access data in any part of virtual memory, and which do not automatically check that reading data from a block of memory is safe; respective examples are attempting to read more elements than contained in an array, or failing to append a trailing terminator to a null-terminated string. Bounds checking can prevent buffer over-reads,^[5] while fuzz testing can help detect them.

References

^ "CWE – CWE-126: Buffer Over-read". Common Weakness Enumeration (list version 4.15). February 18, 2014. Archived from the original on February 8, 2018. Retrieved July 24, 2024.
^ Strackx, Raoul; Younan, Yves; Philippaerts, Pieter; Piessens, Frank; Lachmund, Sven; Walter, Thomas (2009-01-01). "Breaking the memory secrecy assumption". Proceedings of the Second European Workshop on System Security. EUROSEC '09. New York, NY, USA: ACM. pp. 1–8. doi:10.1145/1519144.1519145. ISBN 9781605584720. S2CID 17259394.
^ "CWE - CWE-126: Buffer Over-read". Common Weakness Enumeration (list version 4.15). Archived from the original on August 17, 2023. Retrieved July 24, 2024.
^ "Falcon Content Update Remediation and Guidance Hub | CrowdStrike". crowdstrike.com. Archived from the original on 2024-07-24. Retrieved 2024-07-24.
^ Yves Younan; Wouter Joosen; Frank Piessens (2013-02-25). "Efficient protection against heap-based buffer overflows without resorting to magic" (PDF). Dept. of Computer Science, Katholieke Universiteit Leuven. Archived from the original (PDF) on 2013-09-05. Retrieved 2014-04-24.

External links

This computer security article is a stub. You can help Wikipedia by expanding it.

[1] "CWE – CWE-126: Buffer Over-read". Common Weakness Enumeration (list version 4.15). February 18, 2014. Archived from the original on February 8, 2018. Retrieved July 24, 2024.

[2] Strackx, Raoul; Younan, Yves; Philippaerts, Pieter; Piessens, Frank; Lachmund, Sven; Walter, Thomas (2009-01-01). "Breaking the memory secrecy assumption". Proceedings of the Second European Workshop on System Security. EUROSEC '09. New York, NY, USA: ACM. pp. 1–8. doi:10.1145/1519144.1519145. ISBN 9781605584720. S2CID 17259394.

[3] "CWE - CWE-126: Buffer Over-read". Common Weakness Enumeration (list version 4.15). Archived from the original on August 17, 2023. Retrieved July 24, 2024.

[4] "Falcon Content Update Remediation and Guidance Hub | CrowdStrike". crowdstrike.com. Archived from the original on 2024-07-24. Retrieved 2024-07-24.

[5] Yves Younan; Wouter Joosen; Frank Piessens (2013-02-25). "Efficient protection against heap-based buffer overflows without resorting to magic" (PDF). Dept. of Computer Science, Katholieke Universiteit Leuven. Archived from the original (PDF) on 2013-09-05. Retrieved 2014-04-24.

[1]

[2]

[3]

[4]

[5]

v t e Memory management
Memory management as a function of an operating system
Hardware	Memory management unit (MMU) Translation lookaside buffer (TLB) Input–output memory management unit (IOMMU)
Virtual memory	Demand paging Memory paging Page table Virtual memory compression
Memory segmentation	Protected mode Real mode Virtual 8086 mode x86 memory segmentation
Memory allocator	dlmalloc Hoard jemalloc libumem mimalloc ptmalloc
Manual memory management	Static memory allocation C dynamic memory allocation new and delete (C++)
Garbage collection	Automatic Reference Counting Boehm garbage collector Cheney's algorithm Concurrent mark sweep collector Finalizer Garbage Garbage-first collector Mark–compact algorithm Reference counting Tracing garbage collection Strong reference Weak reference
Memory safety	Buffer overflow Buffer over-read Dangling pointer Stack overflow
Issues	Fragmentation Memory leak Unreachable memory
Other	Automatic variable International Symposium on Memory Management Region-based memory management Memory pool
Memory management Virtual memory Automatic memory management Memory management algorithms Memory management software

Buffer over-read

See also

References

External links