Première page Précédent Suivant Dernière page Résumé Texte


A specific buffer overflow is dependent upon many factors: processor, libraries, OS, compiler, etc.
Generic buffer overflows just crash the process, most of the time.
Hard to detect if it is rerun immediately: e.g., if the connection is abruptly closed, then alert. However, a fix may just close the connection => false positive.
Resource exhaustion (memory consumption, CPU loop) need a local access to be tested efficiently. Need much time and network traffic too.
A few exceptions: www_infinite_request