第一次聽到有 buffer underflow, 是因為這一則新聞:
https://www.nics.nat.gov.tw/VulnerabilityDetail?lang=zh&seq=1233
原來這個 underflow 這麼厲害, 藉由發送特製之HTTP(S)請求來觸發此漏洞,進而遠端執行任意程式碼,或者透過圖形化介面(GUI)進行阻斷服務(DoS)攻擊。
What is a/example of a buffer underflow?
https://stackoverflow.com/questions/26257639/c-what-is-a-example-of-a-buffer-underflow
A buffer underflow does not relate directly to a buffer overflow. However, buffer underflows can be an issue with e.g. ring buffers.
Consider for example audio playback: your audio buffer is probably a ring buffer somewhere in kernel memory. If you write data slower than the audio driver/hardware reads from the buffer, the buffer becomes empty (“underflows”), leading to stuttering audio. Similar issues exist for other kinds of real-time data processing and media playback, too.
Thus a buffer underflow is often not a fault condition per se (unlike a buffer overflow, which usually causes programs to perform undefined, unwanted behaviour like termination, executing some unwanted code and so on).
錯誤:stack-buffer-underflow
https://learn.microsoft.com/zh-tw/cpp/sanitizers/error-stack-buffer-underflow?view=msvc-170
