buffer underflow緩衝區下溢

Posted in :

2023-03-20

第一次聽到有 buffer underflow, 是因為這一則新聞:
https://www.nics.nat.gov.tw/VulnerabilityDetail?lang=zh&seq=1233

原來這個 underflow 這麼厲害, 藉由發送特製之HTTP(S)請求來觸發此漏洞，進而遠端執行任意程式碼，或者透過圖形化介面(GUI)進行阻斷服務(DoS)攻擊。

What is a/example of a buffer underflow?
https://stackoverflow.com/questions/26257639/c-what-is-a-example-of-a-buffer-underflow

A buffer underflow does not relate directly to a buffer overflow. However, buffer underflows can be an issue with e.g. ring buffers.

Consider for example audio playback: your audio buffer is probably a ring buffer somewhere in kernel memory. If you write data slower than the audio driver/hardware reads from the buffer, the buffer becomes empty (“underflows”), leading to stuttering audio. Similar issues exist for other kinds of real-time data processing and media playback, too.

Thus a buffer underflow is often not a fault condition per se (unlike a buffer overflow, which usually causes programs to perform undefined, unwanted behaviour like termination, executing some unwanted code and so on).

錯誤：stack-buffer-underflow
https://learn.microsoft.com/zh-tw/cpp/sanitizers/error-stack-buffer-underflow?view=msvc-170

發佈留言 取消回覆

Related Posts

javascript 數字格式化為金額

How to generate 1000 unique color in d3.js

學習d3js 最佳資源

python macos arm tkinter messagebox autorelease pool page error

發佈留言取消回覆