Wikipedia:Peer review/Buffer overflow

From Wikipedia, the free encyclopedia

Buffer overflow

Hey! I'm submitting this article for peer review, because quite a bit has changed recently and some sections are possibly a bit dubious. It would be nice to get this up to FA quality since it is possibly one of the most important issues in computer security today and is also of great historical interest.

Suggestions needed on:

  • General grammar, phrasing, use of terminology etc.
  • Clarity
  • Technical Description, does it need rewriting?
  • Diagrams
  • History Section

Any suggestions will be much appreciated.

Cheers,

Tompsci 19:00, 7 January 2006 (UTC)

I reviewed version of 19:24, 2006 January 7:

  • I changed sentence to: Buffer overflows can cause a process to crash and changed sentence style in second, third and fourth paragraphs.
  • needs a diagram but I couldn't find one in commons
  • Technical description is C-based but C is not mentioned until later, and overflows occur in situations other than function calls and stacks
  • I recall years ago some architectures (Motorola?) have separate stacks for addresses and data, should this article specify the type of stack?
  • I am surprised that subsection Choice of programming language is not the first item in the section Protection from buffer overflows, and this might avoid the see below parenthesis.
    • I've resolved this by reordering the sections after Protection from buffer overflows in this version. -Wikibob 00:34, 8 January 2006 (UTC)

Hope this helps, I'm not an expert in this so I read mainly for comprehension. -Wikibob 20:50, 7 January 2006 (UTC)

  • This sentence troubled me: Packet scanning intrusion-detection systems (IDSs) and application firewalls can detect remote attempts to exploit buffer overflows. The articles Intrusion-detection system and application firewall did not convince me that the sentence is indeed true. IDS is itself vague and hand waving while the firewall article did not address an exploit of an overflow, in Outlook Express (OE) say. As I see it a JPEG image could cause an overflow in OE that then sends out emails. Exactly how does the application firewall detect this when OE is allowed to send emails? Maybe all will become clear to me after cleanup of those two articles. -Wikibob 00:34, 8 January 2006 (UTC)

Thanks a lot Wikibob, I've been trying to distinguish between the bug and the exploit, but the two are confused all through the article. I agree with all of your edits and in response to your points:

  • Packet scanning intrusion-detection systems (IDSs) and application firewalls can detect remote attempts to exploit buffer overflows. has now been changed to refer to Deep packet inspection which is what the original author was meaning to refer to.
  • The Section on choice of programming language I think has been over-emphasised, I think only 3 points need to be made:-
    1. Legacy Languages are still in use which allow unsafe use of pointers
    2. Bounds checking can be retro-fitted to such languages i.e. Cyclone
    3. New languages which don't allow manipulation of pointers i.e. Object Orientated languages are implicitly safe from Buffer Overflows in their programs, but native code in the language's implementation can suffer from buffer overflows.
  • A reference to null-terminated strings is needed.

Thanks again for your input, I hope you continue to scrutinize the article. - Tompsci 13:42, 8 January 2006 (UTC)

  • Reference to the type of stack is needed, splitting the stack into data and control can prevent some exploits.

I hope this wasn't too bold, but I've rewritten pretty much all of the technical section, to make it simultaneously more and less technical. That is, I've tried to define buffers, storage locations, and stacks in ways that might be a little less opaque to non-techies; but I've made the examples as general as possible, to avoid references to system-specific things like "RET instructions" and "root". I also moved the discussion of exploits to the end, because I don't think it's possible to understand how the exploit works without the preceding examples. ←Hob 08:37, 9 January 2006 (UTC)

Nice work, but is the explanation of an Array really needed? I think better use of Wiki-Links would improve the section, but a great improvement! Next section that needs rewriting is "High Level Description", far too verbose and contains some extraneous information. -- Tompsci 11:40, 9 January 2006 (UTC)