Quiz Entry - updated: 2026.07.05
What happens when a buffer overflows due to unchecked input length?
The excess bytes spill past the buffer and overwrite adjacent stack memory — crucially the saved return address — letting an attacker redirect execution instead of just crashing.
Excess data overwrites adjacent memory on the stack — including the return address that controls execution flow. This includes:
- Other local variables - corrupting program data
- Saved frame pointer - breaking stack unwinding
- Return address - most critical: controls where execution goes when the function returns
Why this is dangerous:
- If the return address is corrupted randomly → crash (segfault)
- If an attacker carefully crafts the overflow → the return address points to attacker's code → arbitrary code execution
Root cause: C/C++ don't check array bounds. Functions like gets(), strcpy(), and sprintf() copy data without verifying destination size.
Prevention: Always validate input length before copying. Use bounded functions (fgets, strncpy, snprintf) or memory-safe languages.
Go deeper:
Buffer overflow (Wikipedia) — how writing past a buffer corrupts adjacent memory, and the unsafe functions that cause it.