A Taxonomy of Software Flaws Leading to Buffer Overflows

Abstract

The buffer overflow attack has been dubbed ‘the vulnerability of the century’, because of the frequency and impact of this class of vulnerability. The wide variety of situations where this vulnerability can arise makes it particularly difficult to assess their occurrence or prevent them. In this paper, we present a novel taxonomy of programming errors which can lead to buffer overflows. This taxonomy easily translates into preconditions that ensure the code’s safe execution. We also illustrate each taxonomic class with a real-life example. Finally, from these examples, we draw a series of principles that developers can immediately incorporate in their programming habits in order to improve the security of their code.