What causes buffer overflows and memory leaks in a Web application?

Buffer overflows and memory leaks can cause serious harm to Web applications. In this SearchSecurity.com Q&A, application security expert Michael Cobb reveals how both can lead to security breaches and system compromises.

What do we mean by memory leaks and buffer overflows in a Web application? Can you use an example that shows how...

to test for them?

These two problems have always plagued Web applications. Buffer overflow exploits, such as the Code Red worm, have led to major data security breaches and system compromises. First, though, let's look at memory leakage, as this will help with your understanding of buffer overflows. A memory leak occurs when a programmer dynamically allocates memory space for a variable of some type, but then fails to free up that space before the program completes. This leaves less free memory for the system to use. Repeated running of the program or function that causes such memory loss can eventually crash the system or result in a denial of service. Here's a simple code example that results in a loss of memory:

int main(int argc, char **argv)
  char * memoryA = new char[10];
  memoryA [0] = 'A'; 
  printf("%cn", memoryA [0]);

This program allocates memory to the variable memoryA to store an array of 10 characters, but the program never explicitly frees it.

In order to prevent memory leakage, programmers should always free any dynamically allocated space when it is no longer required. For simple applications, you can scan your code to ensure that every new operator has a corresponding delete operator, or language-equivalent pairing. For more complex projects, you will need to run an application diagnostic tool, such as Purify or LeakTracer, that detects memory errors. Also, stress-test your application and monitor its memory consumption.

Buffer overflows can result in application or system crashes; they can even allow attackers to compromise the system and initiate unauthorized processes. A buffer overflow occurs when a program or process tries to store more data into a memory buffer than it was intended to hold. A hacker, for example, can submit data to a Web application via a form, and that data is intentionally larger than the memory buffer allocated to hold it. This extra data can overflow into adjacent memory, overwriting any valid data held in it, and often overwriting the return address that is used when the function ends. By writing a new return address, the hacker can trick the system into executing his or her own code.

You should be aware that some languages are more susceptible to buffer overflow errors and memory leaks than others. The C and C++ languages provide no built-in checks to ensure that data written to a buffer is within the boundaries of that buffer. Windows programmers should use Microsoft's strsafe.lib and strsafe.h, provided as part of Visual C++ .NET 2003, which use a library of safe string-handling functions. Applications written in Java, however, don't really suffer from buffer overflows and memory leaks, as Java is a strongly typed language. Be aware, though, that applications written in Java and other "safe" languages can still be susceptible to buffer overflows when they interact with services and libraries that are written in other languages.

The best way to prevent buffer overflow problems is to validate all input data that an application receives. You can even write your own string copy function that incorporates additional data filtering checks at the same time.

More information:

This was last published in February 2007

Dig Deeper on Application attacks (buffer overflows, cross-site scripting)