Heap corruption

Heap overflow

A heap overflow is a type of buffer overflow that occurs in the heap data area. Memory on the heap is dynamically allocated by the application at run-time and typically contains program data.

Exploitation goes as follows: if an application copies data into a chunk (a block of memory in the heap) without first checking that the data fits, an attacker can supply a piece of data that is too large, overwriting the heap management information (metadata) of the adjacent chunk. In the classic attack against allocators that keep this metadata inline with the data, corrupting the forward and backward pointers of a free chunk turns the allocator's next unlink operation into a single pointer-sized write (four bytes on a 32-bit system) to an address of the attacker's choosing. In most environments that is enough to take control of program execution, for example by overwriting a function pointer or a return address.

The Microsoft GDI+ JPEG vulnerability MS04-028, triggered by nothing more than a malformed JPEG image, is an example of the danger a heap overflow can represent to a computer user.

Detecting and Preventing Heap Overflows

Recent releases of GNU libc (whose allocator is derived from Doug Lea's dlmalloc) can detect heap overflows after the fact: integrity checks run the next time the corrupted chunk is handled by malloc or free (for instance, a chunk is only unlinked from a free list if its neighbours still point back to it), and the program is aborted when a check fails. Detection after the fact means the overwrite has already happened; such checks reduce exploitability but do not prevent the overflow itself. The DieHard allocator prevents library-based heap overflows and reduces the likelihood of a heap overflow having any effect on a running program. DieHard also makes it impossible to overwrite heap metadata by storing it separately from the heap.
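The following is an added example, not code from the original article or from any real allocator. It builds a toy dlmalloc-style heap (the names toy_malloc, bin_push, unlink_unsafe, unlink_checked, copy_unchecked, copy_checked, target_slot and landing_pad are all invented for this illustration) to show both the exploitation described under "Heap overflow" and the after-the-fact detection described in this section: an unchecked copy overflows one chunk into the inline header of its free neighbour, the forged fd/bk pointers turn the allocator's unlink into a pointer-sized write to an address the attacker picked (the "four bytes" of the text on a 32-bit system), a glibc-style back-pointer check catches the forgery, and a bounds-checked copy stops the overflow at its source. The attacker is assumed to know the address of the target slot and of the payload, as in the classic attack.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Toy dlmalloc-style heap, constructed for this example (not a real allocator).
 * Metadata sits inline before the user data, so an overflow hits the next header. */
struct chunk { size_t size; struct chunk *fd; struct chunk *bk; };
#define ARENA_BYTES 512
static unsigned char *arena;        /* calloc'd on reset so each run starts clean */
static size_t arena_top;
static struct chunk bin;            /* circular free-list head */
static struct chunk *target_slot;   /* stands in for a function pointer or GOT entry */
static struct chunk landing_pad;    /* stands in for attacker-controlled memory (shellcode) */

static void heap_reset(void) {
    free(arena);
    arena = calloc(1, ARENA_BYTES);
    arena_top = 0;
    bin.fd = bin.bk = &bin; target_slot = NULL;
}
/* Bump allocation: header, user data, then the next chunk's header. */
static void *toy_malloc(size_t n) {
    n = (n + 15) & ~(size_t)15;
    if (arena_top + sizeof(struct chunk) + n > ARENA_BYTES) return NULL;
    struct chunk *c = (struct chunk *)(arena + arena_top);
    c->size = n;
    arena_top += sizeof(struct chunk) + n;
    return c + 1;
}
/* Put a chunk on the free list, as free() does. */
static void bin_push(struct chunk *p) {
    p->fd = bin.fd; p->bk = &bin;
    bin.fd->bk = p;  bin.fd = p;
}
/* Classic dlmalloc unlink with no checks. With attacker-chosen fd/bk the first store
 * writes bk to fd->bk, i.e. one pointer-sized value to any address; the second
 * writes fd into bk->fd, so the payload address must itself be writable. */
static void unlink_unsafe(struct chunk *p) {
    struct chunk *fd = p->fd, *bk = p->bk;
    fd->bk = bk;
    bk->fd = fd;
}
/* Hardened unlink as in current glibc: both neighbours must still point back at p,
 * which forged pointers fail ("corrupted double-linked list"). */
static bool unlink_checked(struct chunk *p) {
    struct chunk *fd = p->fd, *bk = p->bk;
    if (fd->bk != p || bk->fd != p) return false;
    fd->bk = bk;
    bk->fd = fd;
    return true;
}
/* The vulnerable copy trusts the input length; the fixed one refuses input larger
 * than the capacity the caller recorded when it allocated the buffer. */
static void copy_unchecked(unsigned char *dst, const unsigned char *src, size_t len) {
    memcpy(dst, src, len);
}
static bool copy_checked(unsigned char *dst, size_t cap, const unsigned char *src, size_t len) {
    if (len > cap) return false;
    memcpy(dst, src, len); return true;
}

struct demo_result { bool copy_accepted, neighbour_intact, unlink_ok, target_hijacked; };
/* Scenario: chunk a is in use and the adjacent chunk b is on the free list. Input
 * overflows a into b's header; later the allocator unlinks b. */
static struct demo_result run_demo(bool bounds_check, bool safe_unlink) {
    heap_reset();
    unsigned char *a = toy_malloc(16), *b = toy_malloc(16);
    struct chunk *bh = (struct chunk *)b - 1;   /* b's inline header */
    bin_push(bh);
    /* Constructed attacker input: 16 bytes that legitimately fill a, then a forged
     * header for b. fd is chosen so that fd->bk is target_slot; bk is the value to be
     * written there. The attacker is assumed to know both addresses. */
    struct chunk forged = {
        .size = 16,
        .fd = (struct chunk *)((uintptr_t)&target_slot - offsetof(struct chunk, bk)),
        .bk = &landing_pad,
    };
    unsigned char evil[16 + sizeof forged];
    memset(evil, 'A', 16);
    memcpy(evil + 16, &forged, sizeof forged);
    struct demo_result r = {0};
    if (bounds_check) r.copy_accepted = copy_checked(a, 16, evil, sizeof evil);
    else { copy_unchecked(a, evil, sizeof evil); r.copy_accepted = true; }
    r.neighbour_intact = (bh->size == 16 && bh->fd == &bin && bh->bk == &bin);
    if (safe_unlink) r.unlink_ok = unlink_checked(bh);
    else { unlink_unsafe(bh); r.unlink_ok = true; }
    r.target_hijacked = (target_slot == &landing_pad);
    return r;
}

int main(void) {
    printf("no checks: target hijacked = %d\n", run_demo(false, false).target_hijacked);
    printf("glibc-style unlink check: unlink refused = %d\n", !run_demo(false, true).unlink_ok);
    printf("bounds-checked copy: copy refused = %d\n", !run_demo(true, true).copy_accepted);
    return 0;
}
```

The toy arena makes the two chunks deterministically adjacent, which a real heap does not guarantee, and a real glibc aborts the process when its unlink check fails rather than returning false as here. The point of the three runs is the layering: the application-level bounds check is the only one that prevents the corruption, while the allocator check only keeps an already corrupted header from becoming an arbitrary write.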
