1. Field
The following description relates to program security, and more particularly, to an apparatus and method for preventing virus code execution through buffer overflow management.
2. Description of the Related Art
A buffer overflow condition exists when a program attempts to put more data in a buffer than it can hold or when a program attempts to put data in a memory area past a buffer. As described herein, a buffer is a sequential section of memory allocated to contain data, for example, a character string, an array of integers, and the like. Writing outside the bounds of a block of allocated memory such as a buffer can corrupt data, crash the program, or cause the execution of malicious code.
Buffer overflow is one of the best-known forms of software security vulnerability. Most software developers know what a buffer overflow vulnerability is, but buffer overflow attacks against both older and newly developed applications are still quite common. Part of the problem is due to the wide variety of ways buffer overflows can occur, and part is due to the error-prone techniques often used to prevent them.
When a buffer overflow occurs, unexpected operations may follow. They may occur when system attackers, such as hackers or crackers, use the overflow to redirect execution of a program to an arbitrary region by overwriting return addresses stored in buffers or by overwriting function pointers declared as global or local variables. If they insert virus code into the arbitrary region, the virus code will be executed.
To prevent such unexpected operations, a method for checking a maximum available size of a data array upon has been proposed. However, the checking process may be omitted on purpose or by accident.
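The size check mentioned above can be sketched in C as follows. This is an added example, not code from the described apparatus; the `record` layout, `record_set_name` and `bytes_into_handler` are hypothetical names chosen to show a fixed buffer sitting next to a function pointer and what an omitted check would leave exposed.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define NAME_MAX_LEN 16
/* Constructed layout: a fixed buffer followed by a function pointer,
   the arrangement the description says an overflow can corrupt. */
struct record {
    char name[NAME_MAX_LEN];
    void (*handler)(void);
};

static void default_handler(void) {}

/* Copy with the maximum-size check. Returns 0 on success, -1 when the
   input plus its terminator would not fit; the record is left untouched. */
int record_set_name(struct record *r, const char *src, size_t len)
{
    if (r == NULL || src == NULL || len >= sizeof r->name)
        return -1;
    memcpy(r->name, src, len);
    r->name[len] = '\0';
    return 0;
}

/* How many bytes of a len-byte write starting at name[0] would overlap
   the handler field if the check above were omitted. Computed from the
   layout only; nothing is written. */
size_t bytes_into_handler(size_t len)
{
    size_t start = offsetof(struct record, handler);
    size_t end = start + sizeof(((struct record *)0)->handler);
    if (len <= start)
        return 0;
    return (len < end ? len : end) - start;
}

int main(void)
{
    struct record r = { "", default_handler };
    char big[64];                      /* constructed oversize input */
    memset(big, 'A', sizeof big);
    printf("short input: %d\n", record_set_name(&r, "alice", 5));
    printf("long input:  %d\n", record_set_name(&r, big, sizeof big));
    printf("handler intact: %d\n", r.handler == default_handler);
    printf("unchecked 64-byte write would cover %zu handler bytes\n",
           bytes_into_handler(sizeof big));
    return 0;
}
```

The rejection happens only because the caller goes through `record_set_name`; any code path that copies into `name` directly skips the check, which is the omission the paragraph above describes.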