buffer underflow緩衝區下溢

第一次聽到有 buffer underflow, 是因為這一則新聞:
https://www.nics.nat.gov.tw/VulnerabilityDetail?lang=zh&seq=1233

原來這個 underflow 這麼厲害, 藉由發送特製之HTTP(S)請求來觸發此漏洞,進而遠端執行任意程式碼,或者透過圖形化介面(GUI)進行阻斷服務(DoS)攻擊。


What is a/example of a buffer underflow?
https://stackoverflow.com/questions/26257639/c-what-is-a-example-of-a-buffer-underflow

A buffer underflow does not relate directly to a buffer overflow. However, buffer underflows can be an issue with e.g. ring buffers.

Consider for example audio playback: your audio buffer is probably a ring buffer somewhere in kernel memory. If you write data slower than the audio driver/hardware reads from the buffer, the buffer becomes empty (“underflows”), leading to stuttering audio. Similar issues exist for other kinds of real-time data processing and media playback, too.

Thus a buffer underflow is often not a fault condition per se (unlike a buffer overflow, which usually causes programs to perform undefined, unwanted behaviour like termination, executing some unwanted code and so on).


錯誤:stack-buffer-underflow
https://learn.microsoft.com/zh-tw/cpp/sanitizers/error-stack-buffer-underflow?view=msvc-170

發佈留言

發佈留言必須填寫的電子郵件地址不會公開。 必填欄位標示為 *