Tutorial :What is the difference among heap spraying, heap overflow, heap overrun?



Question:

What is the difference among heap spraying, heap overflow, heap overrun?

Can those terms be replaced with buffer spraying, buffer overflow, buffer overrun?

Do they have the same definitions as well?


Solution:1

  • Spraying is writing things to random (or at least arbitrary) addresses in the named space, thus corrupting arbitrary things in the space
  • Overflow is putting more data in the space than it will hold, thus corrupting adjacent spaces
  • Overrun is putting more data in a subset of the space (e.g. an object allocated in that space) than has been allocated for that subset, thus corrupting adjacent objects.


Solution:2

"Heap" usually refers to dynamically allocated memory. A "Buffer" may lie on the heap, but may also be static or reside on the stack.


Note:If u also have question or solution just comment us below or mail us on toontricks1994@gmail.com
Previous
Next Post »