PHP: Buffer Overflow

PHP Program Flow
A call made to execute a sequence of code in a PHP program is sent to the PHP core library, which is written in the C programming language. The core library in turn talks to the underlying operating system to get the results of the execution.

What is a buffer?
A buffer is a temporary memory location that holds data to make program execution faster. The data may be stored in a heap or in a stack. The stack can be visualized as a FILO (first in, last out) array of data, and the heap as a linked list of data.

Why do we need to take care of buffer overflows?
When a program writes more data into a buffer than the buffer can hold, the excess spills into adjacent memory. Programmers who know about such loopholes can exploit them by pointing a record in the heap or stack to a block of code they have written in advance. These are called buffer overflow attacks.

A buffer overflow can lead to code injection attacks, denial-of-service attacks (sending huge volumes of data continuously to the server), and remote code exploits (where your code is used as the point from which other attacks occur).
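
The mechanism described above, as an added example that is not part of the original post: a single flat array stands in for a buffer and the record stored right after it, so the overwrite can be observed in well-defined C. The sizes, the HANDLER0 marker and all function names are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>
#define BUF_SIZE   8   /* capacity of the input buffer (constructed value) */
#define ARENA_SIZE 16  /* buffer plus the record stored right after it */
/* One flat array models adjacent memory: bytes 0-7 are the buffer,
 * bytes 8-15 hold a neighbouring record (think: a saved handler address). */
typedef struct { unsigned char mem[ARENA_SIZE]; } arena_t;
static const unsigned char RECORD_INIT[8] = {'H','A','N','D','L','E','R','0'};

void arena_init(arena_t *a) {
    memset(a->mem, 0, BUF_SIZE);
    memcpy(a->mem + BUF_SIZE, RECORD_INIT, sizeof RECORD_INIT);
}

/* Returns 1 while the neighbouring record still holds its original value. */
int record_intact(const arena_t *a) {
    return memcmp(a->mem + BUF_SIZE, RECORD_INIT, sizeof RECORD_INIT) == 0;
}

/* Unchecked copy: trusts the caller's length, as a buggy C routine would.
 * It is clamped to the arena only so that this demo stays well-defined. */
void copy_unchecked(arena_t *a, const char *src, size_t len) {
    if (len > ARENA_SIZE) len = ARENA_SIZE;
    memcpy(a->mem, src, len);
}

/* Checked copy: rejects input that does not fit; returns 0 on success. */
int copy_checked(arena_t *a, const char *src, size_t len) {
    if (len > BUF_SIZE) return -1;
    memcpy(a->mem, src, len);
    return 0;
}

/* Copies input with the chosen routine; returns 1 if the record survived. */
int demo(int use_checked, const char *input) {
    arena_t a;
    arena_init(&a);
    if (use_checked) (void)copy_checked(&a, input, strlen(input));
    else copy_unchecked(&a, input, strlen(input));
    return record_intact(&a);
}

int main(void) {
    printf("unchecked, 5 bytes:  intact=%d\n", demo(0, "short"));
    printf("unchecked, 12 bytes: intact=%d\n", demo(0, "AAAAAAAAAAAA"));
    printf("checked,   12 bytes: intact=%d\n", demo(1, "AAAAAAAAAAAA"));
    return 0;
}
```

Only the unchecked copy of the 12-byte input changes the neighbouring record; the checked copy refuses the input and leaves memory untouched.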

The best way to guard your systems against unwanted attacks is to have the necessary patches applied to them.


Written by kurinchilamp
