A heap overflow is a type of buffer overflow that occurs in the heap data area. Heap overflows are exploitable in a different manner to that of stack-based overflows. Memory on the heap is dynamically allocated by the application at run-time and typically contains program data. Exploitation is performed by corrupting this data in specific ways to cause the application to overwrite internal structures such as linked list pointers. The canonical heap overflow technique overwrites dynamic memory allocation linkage (such as malloc meta data) and uses the resulting pointer exchange to overwrite a program function pointer.
Read more about Heap Overflow: Consequences, Detection and Prevention
Famous quotes containing the words heap and/or overflow:
“—First a shiver, and then a thrill,
Then something decidedly like a spill,—
And the parson was sitting up on a rock,
At half-past nine by the meet’n’-house clock,—
Just the hour of the Earthquake shock!
MWhat do you think the parson found,
When he got up and stared around?
The poor old chaise in a heap or mound,
As if it had been to the mill and ground!”
—Oliver Wendell Holmes, Sr. (1809–1894)
“Oh! that thy love might overflow my Heart!
To fire the same with Love: for Love I would.
But oh! my streight’ned Breast! my Lifeless Sparke!
My Fireless Flame! What Chilly Love, and Cold?
In measure small! In Manner Chilly! See!
Lord, blow the Coal: Thy Love Enflame in mee.”
—Edward Taylor (1645–1729)