The problem of buffer overruns, i.e., writing past hte end of an array, in C programs has been known since the early seventies as one of the possible consequences of the C language data integrity philosophy. Since the late eighties, when computer security incidents started affecting the Internet, it has been clear that buffer overruns are a powerful threat to system security as they allow ordinary users to gain superuser privileges on Unix systems. Nowadays, buffer overruns are one of the most popular exploits in the hacker scene.
展开▼