Search results
Results from the WOW.Com Content Network
A stack buffer overflow can be caused deliberately as part of an attack known as stack smashing. If the affected program is running with special privileges, or accepts data from untrusted network hosts (e.g. a webserver ) then the bug is a potential security vulnerability .
Microsoft Windows 95 and Windows 98 had a problem with rollovers in a virtual device driver, VTDAPI.VXD, which used unsigned 32-bit integers to measure system runtime in milliseconds; this value would overflow after 49.7 days, causing systems to freeze. [93]
Analogous storage constraints will be reached in 2106, where systems storing Unix time as an unsigned (rather than signed) 32-bit integer will overflow on 7 February 2106 at 06:28:15 UTC. Computer systems that use time for critical computations may encounter fatal errors if the year 2038 problem is not addressed.
Different Windows kernel functions read and write these values, specially to distinguish stack overflows from other read/write page faults (a read or write to a page guarded among the stack limits in guaranteed stack bytes will generate a stack-overflow exception instead of an access violation).
[7] [8] For example, a stack buffer overflow can overwrite the return address of a subroutine with an invalid value, which will cause, e.g., a segmentation fault, when the subroutine returns. However, if an exploit overwrites the return address with a valid value, the code in that address will be executed.
Windows XP has been criticized for its vulnerabilities due to buffer overflows and its susceptibility to malware such as viruses, trojan horses, and worms.Nicholas Petreley for The Register notes that "Windows XP was the first version of Windows to reflect a serious effort to isolate users from the system, so that users each have their own private files and limited system privileges."
The leap year problem (also known as the leap year bug or the leap day bug) is a problem for both digital (computer-related) and non-digital documentation and data storage situations which results from errors in the calculation of which years are leap years, or from manipulating dates without regard to the difference between leap years and common years.
Canaries or canary words or stack cookies are known values that are placed between a buffer and control data on the stack to monitor buffer overflows. When the buffer overflows, the first data to be corrupted will usually be the canary, and a failed verification of the canary data will therefore alert of an overflow, which can then be handled, for example, by invalidating the corrupted data.