LAB 355 – Defending C Applications Against Stack-based Buffer Overflow (NEW)

Course Overview


Stack-based buffer overflow vulnerabilities occur when application code incorrectly calculates or fails to limit the amount of data written into data structures allocated on the stack. Successful exploitation of stack-based buffer overflow vulnerabilities leads to arbitrary code execution. Most platforms provide multiple defense-in-depth measures that make buffer overflow exploitation more difficult, but these measures cannot be relied on as a complete defense. In other words, stack-based buffer overflow vulnerabilities are very dangerous, and memory operations have to be performed correctly even if the platform provides some protection against exploitation.

This Skill Lab provides a virtual environment that contains a vulnerable application with its complete source code for training developers to identify and remediate Stack-based Buffer Overflow vulnerabilities.

In this lab, the learner will receive hands-on experience testing for a Stack-based Buffer Overflow vulnerability and implementing an appropriate mitigation. The typical solutions include validating the size of data being copied before writing it to a buffer and allocating sufficiently large buffers to hold data.

Course Details

Course Number: LAB 355
Course Duration: 15 minutes
Course CPE Credits: 0.3

Available Languages

  • English