tags:

views:

1222

answers:

4
Q: 

Buffer Overflow (vs) Buffer OverRun (vs) Stack Overflow

Possible Duplicate:
What is the difference between a stack overflow and buffer overflow ?

What is the difference between Buffer Overflow and Buffer Overrun?

What is the difference between Buffer Overrun and Stack Overflow?

Please include code examples. I have looked at the terms in Wikipedia, but I am unable to match with programming in C or C++ or Java.

+13  A: 

Bufferoverflow / Bufferoverrun:

void k()
{
    BYTE buf[5];
    for( int i = 0; i < 10; ++i )
        buf[i] = 0xcd;
}

Stackoverflow :

void f()
{
     int k = 0;
     f();
}
Christopher  2009-07-17 15:51:23
i found code for buffer run .. What it is really doing ?
joe  2009-07-17 15:59:26
The same as buffer overflow.
Martin York  2009-07-17 16:29:13
+13  A: 

Think of a buffer as just an array. A buffer overflow is when you try to put more items in the array than what the array can hold. In words, it comes from writing. A buffer overrun is when you are iterating over the buffer and keep reading past the end of the array. In other words, it comes from reading.

A stack overflow is much different. Most modern programming environments are stack-based, where they use a stack data structure to control program flow. Every time you call a function, a new item is placed on the program's call stack. When the function return, that item is popped of the stack. When the stack is empty, the program stops. The thing is that this stack has a fixed size, and so it is possible to call too many functions at one time. At this point you have a stack overflow. The most common way to do this is with a function that calls itself (recursion).

Joel Coehoorn  2009-07-17 15:52:26
A: 

What is the difference between Buffer Overflow and Buffer Overrun? I would say that Buffer over flow is when you attempt to write beyond the end of a buffer, but you have a check which prevents it. buffer over run is when you actually write beyond the end of the buffer. The first is fail fast, the second is harder to detect.

You cannot overrun a buffer in java as it always has bounds checking and thus produces a BufferOverflowException.

What is the difference between Buffer Overrun and Stack Overflow?

They have nothing to do with one another.

Peter Lawrey  2009-07-17 18:41:10
A: 

You can have difference between buffer overflow and buffer overrun in C/C++:

  • We could define overflow when you index/point beyond the original buffer size (e.g read the 6th element of a 3 element array)
  • We could define overrun, when you have multiple adjacent buffers after each other, and you index into the second (e.g read the 6th element of the first 3-element array but you get the 3rd element of the second 3-element array).

Stack overflow is kinda buffer overflow when you fill your entire stack 'memory buffer'.

kd304  2009-07-17 18:51:34

related questions

Of Memory Management, Heap Corruption, and C++
How do I make a GUI?
Alpha blending sprites in Nintendo DS Homebrew
Thread safe lazy contruction of a singleton in C++
Interview Programming Questions - In house Exam
Link issues (VC6)
What are the barriers to understanding pointers and what can be done to overcome them?
Why are professors or schools picking Java over C++ to teach to students?
What is the best way to create a sparse array in C++
C/C++ library for reading MIDI signals from a USB MIDI device
How do you pack a visual studio c++ project for release?
How to set up unit testing for Visual Studio C++
How do I configure and communicate with a serial port?
Lightweight IDE for Linux
Mapping Stream data to data structures in C#
CPU throttling in C++
Asynchronous multi-direction server-client communication over the same open socket?
Exceptions in C++
Heap corruption under Win32; how to locate?
Build for Windows NT 4.0 using Visual Studio 2005?
C++: Should I use nested classes in this case?
BerkeleyDB Concurrency
GTK implementation of MessageBox
Is gettimeofday() guaranteed to be of microsecond resolution?
How to use the C socket API in C++ on z/OS