Computer Systems A Programmer's Perspective Second Edition
Avoiding security holes.For many years,buffer overflow vulnerabilitieshave
accounted for the majority of security holes in network and Internet servers.
These vulnerabilities exist because too few programmers understand the need
to carefully restrict the quantity and forms of data they accept from untrusted
sources. A first step in learning secure programming is to understand the con-
sequences of the way data and control information are stored on the program
stack. We cover the stack discipline and buffer overflow vulnerabilities in
Chapter 3 as part of our study of assembly language. We will also learn about
methods that can be used by the programmer, compiler, and operating system
to reduce the threat of attack.