Miscreants are exploiting enterprise tech zero days more and more, Google warns The discovery and exploitation of zero-day vulnerabilities in enterprise-specific software and appliances appears to be outpacing the leveraging of zero-day bugs overall, judging by Google's latest research. In a report published today, the web giant's Threat Analysis Group (TAG) and Mandiant division said they tracked 97 …
When development emphasis is on "prettier" and "quicker to market" instead of building applications properly from the ground up.
Got a finite-size buffer? Why not check for data size BEFORE you go stuffing it in there? It's not as if you lack CPU cycles these days (trust me, I used to write in Z80 assembler). Ditto for data types. And never assume that a value being passed to a function is valid just because that function's being fed by your own code.
Think about sprintf() as just one example, but a lot of stuff is like that where you call a function with a buffer and it fills the buffer for you. Sometimes the function is to blame, because it will claim that the maximum size is say 1024 bytes but some clever bastard finds a way to fool it into making it generate more than it thinks it can. Maybe it malloc()s for you, but calculates wrong because someone is making it do something it wasn't intended to do.
Other times it is down to programmer laziness, they'll allocate a buffer of a given size they think is triple the biggest possible size you'd ever need but the clever bastards are extremely clever in finding ways to make software do things it wasn't intended to. Stuff like DNS amplification attacks are the bandwidth version of this sort of thing.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
