What is the difference among heap spraying, heap overflow, heap overrun?
Can those terms be replaced with buffer spraying, buffer overflow, buffer overrun?
Do they have the same definitions as well?
views:
610answers:
2
+4
A:
- Spraying is writing things to random (or at least arbitrary) addresses in the named space, thus corrupting arbitrary things in the space
- Overflow is putting more data in the space than it will hold, thus corrupting adjacent spaces
- Overrun is putting more data in a subset of the space (e.g. an object allocated in that space) than has been allocated for that subset, thus corrupting adjacent objects.
MarkusQ
2009-03-26 16:06:36
A:
"Heap" usually refers to dynamically allocated memory. A "Buffer" may lie on the heap, but may also be static or reside on the stack.
MaHuJa
2009-08-03 13:51:00
You might want to clarify that you're responding to the second and third questions, I was about to downmod you.
Adriano Varoli Piazza
2009-08-03 13:55:10
More specifically, a buffer is a pre-allocated space created for holding some expected incoming data.
Tyler McHenry
2009-08-03 13:55:48