Failure to validate the size of a variable before writing it to memory could result in which of the following application attacks?
A. Malicious logic
B. Cross-site scripting
C. SQL injection
D. Buffer overflow
Correct Answer: D
Section: Threats and Vulnerabilities
A buffer overflow occurs when a program or process tries to store more data in a buffer (temporary data storage area) than it was intended to hold. Since buffers are created to contain
a finite amount of data, the extra information – which has to go somewhere – can overflow into adjacent buffers, corrupting or overwriting the valid data held in them. Although it may
occur accidentally through programming error, buffer overflow is an increasingly common type of security attack on data integrity. In buffer overflow attacks, the extra data may contain
codes designed to trigger specific actions, in effect sending new instructions to the attacked computer that could, for example, damage the user’s files, change data, or disclose
Validating the size of a variable before writing it to memory will ensure that the variable can fit into the buffer. Failure to validate the size of a variable before writing it to memory can
result in a buffer overflow.
A: Malicious logic is a set of instructions that cause site security policy to be violated in the same way a malware. Failure to validate the size of a variable before writing it to memory
does not cause malicious logic.
B: Cross-site scripting (XSS) is a type of computer security vulnerability typically found in Web applications. XSS enables attackers to inject client-side script into Web pages viewed by
Cross-site scripting uses known vulnerabilities in web-based applications, their servers, or plug-in systems on which they rely. Exploiting one of these, attackers fold malicious content
into the content being delivered from the compromised site. Failure to validate the size of a variable before writing it to memory does not result in an XSS attack.
C: SQL injection is a code injection technique, used to attack data-driven applications, in which malicious SQL statements are inserted into an entry field for execution (e.g. to dump
the database contents to the attacker). Failure to validate the size of a variable before writing it to memory does not result in a SQL injection attack.