072e67b8d4
"C++" spelled as-is can result in unexpected rendering, such as
C++20 was released before C++17
renders as
C20 was released before C17
Make consistent use of `[source,cpp]`.
6 lines
619 B
Plaintext
6 lines
619 B
Plaintext
An attacker typically provides input that exceeds the expected size. This could be through a text field in a user interface, a file that the program reads, or data sent over a network. The insecure function processes this input and places the result into a provided buffer.
|
|
|
|
If the input is larger than the buffer can handle, the insecure function will overwrite the memory following the buffer. This situation is known as a buffer overflow vulnerability.
|
|
|
|
When using typical C or {cpp} functions, it's up to the developer to make sure the size of the buffer to be written to is large enough to avoid buffer overflows.
|