Computer-based devices include one or more microprocessors, memory and associated logic that provide an execution environment for software. Such devices are susceptible to errors in the event software writes data to improper locations in a memory space within the execution environment. A frequent cause of such errors is memory overruns in which the data written by the software overwrites one or more memory locations beyond a memory space specifically allocated for the data. For example, computer-based devices typically utilize a heap of dynamically allocated memory to store data for program variables. A memory overrun occurs in the event the software writes data beyond the scope of memory allocated to hold the data, such as beyond the end of a queue. Memory overruns often lead to unpredictable or improper device behavior as the data may overwrite other program variables which, in severe instances, may result in system crashes and even facilitate execution of malicious program code.
Memory overruns may have particularly significant consequences in network devices, such as routers, firewalls, intrusion detection and prevention (IDP) devices and other network devices deployed within a network environment. For example, network users and, as a result, network administrators, expect a computer network to maintain a high degree of reliability and availability in order to increase the transparency and performance of network-related operations. However, a memory overrun due to a software bug or other reason may result in a crash of a critical network device, causing significant communication problems for the organization. Moreover, attackers continue to exploit vulnerabilities in such devices by, for example, sending malformed packets in an attempt to cause the devices to overrun memory boundaries. In some instances, memory overrun vulnerabilities allow attackers to crash the device or gain administrative control, thereby interrupting network availability and exposing the network to security breaches.
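The following C code is an added illustration, not part of the original text, of the two overruns described above: a write beyond a heap-allocated queue and a malformed packet whose length field exceeds the memory set aside for it. The names `pkt_queue`, `pq_init`, `pq_enqueue` and `SLOT_SIZE`, and the one-byte-length packet layout, are assumptions made for this example.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

#define SLOT_SIZE 64            /* assumed payload capacity of one queue slot */

struct pkt_queue {
    size_t capacity, count;     /* slots allocated / slots in use */
    uint8_t *slots;             /* heap block of capacity * SLOT_SIZE bytes */
};

int pq_init(struct pkt_queue *q, size_t capacity)
{
    q->slots = capacity ? calloc(capacity, SLOT_SIZE) : NULL;
    q->capacity = q->slots ? capacity : 0;
    q->count = 0;
    return q->slots ? 0 : -1;
}

/* Packet layout (constructed for this example): [1-byte length][payload].
 * An unchecked enqueue would copy pkt[0] bytes on the sender's say-so and
 * write past the slot, or past the end of the queue when it is full. */
int pq_enqueue(struct pkt_queue *q, const uint8_t *pkt, size_t pkt_len)
{
    if (pkt == NULL || pkt_len < 1)
        return -1;
    size_t declared = pkt[0];
    if (declared > pkt_len - 1)     /* length field exceeds bytes received */
        return -1;
    if (declared > SLOT_SIZE)       /* payload would overrun the slot */
        return -1;
    if (q->count >= q->capacity)    /* write would land beyond the queue */
        return -1;
    memcpy(q->slots + q->count * SLOT_SIZE, pkt + 1, declared);
    q->count++;
    return 0;
}

int main(void)
{
    struct pkt_queue q;
    uint8_t good[] = { 3, 'a', 'b', 'c' };   /* constructed: well-formed */
    uint8_t bad[]  = { 200, 'x', 'y' };      /* constructed: length byte lies */
    if (pq_init(&q, 2) != 0) return 1;
    int ok = pq_enqueue(&q, good, sizeof good) == 0 &&
             pq_enqueue(&q, bad, sizeof bad) == -1;
    free(q.slots);
    return ok ? 0 : 1;
}
```

Each rejected case corresponds to a write that, without the check, would land outside the memory allocated for the data.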