缓冲区溢出攻击的分析及防范策略

摘  要 随着Internet及相关信息技术的迅速发展，网上的电子商务呈现出极大的增长势头，但是投入的增多意味着风险也随之而来，网络安全问题成为各种网上活动需要考虑的头等大事。 本文重点探讨一下缓冲区溢出对计算机系统造成的危害。因为几十年来，缓冲区溢出一直引起许多严重的安全性问题。近年由CERT/CC(Computer Emergency Response Term/Coodination Center)发布的忠告中关于缓冲区溢出漏洞占56.76%以上。 本文首先解释了缓冲区溢出的概念，从程序语言本身存在缺陷，不够健壮的角度出发，对缓冲区溢出的原理进行了详细的阐述；再次，通过一个会导致缓冲区溢出的程序代码对缓冲区溢出攻击的产生进行了实例分析，同时还对Unix操作系统下的缓冲区溢出攻击进行了有针对性的分析，并总结出缓冲区溢出攻击的类型；最后，结合缓冲区溢出攻击的类型，从系统管理和软件开发两个角度提出了缓冲区溢出攻击的防范策略。     关键字：缓冲区溢出  攻击    

Abstract
With the development of Internet and information technology, the great growth has appeared out in E-Commerce. But this trend lead to more venture, network security issue has become the cardinal task that various kinds of online activity need to consider.
At present, the biggest problem on network is that computer software is usually not stalwart enough, sometimes such barrier will cause catastrophic result, especially when being utilized maliciously by the lawless person, the harm will hard to estimate.
Buffer overflow attacking is a seriously problem in network security and cause serious security problems in recently years. Some program language have pestilent bug, for example, C program language doesn’t check the border of the array of number is apt to cause the buffer overflow, and therefore possibly cause the failure of program processing and paralysis of computer.
This paper analysis deeply the principle and possible of buffer overflow attacking, and point out buffer overflow’s potential dangers. At last, according to the kinds of buffer overflow attacking, I put forward my own opinion of precautionary measures on buffer overflow attacking.

Key Words: buffer overflow    attacking

      一 缓冲区与出的概念及原理 1．1何谓缓冲区溢出 缓冲区是用户为程序运行时在计算机中申请得的一段连续的内存，它保存了给定类型的数据。缓冲区溢出指的是一种常见且危害很大的系统攻击手段，通过向程序的缓冲区写入超出其长度的内容，造成缓冲区的溢出，从而破坏程序的堆栈，使程序转而执行其他的指令，以达到攻击的目的。   1．2缓冲区溢出的原理 从上面的缓冲区溢出概念可以看出，缓冲区溢出就是将一个超过缓冲区长度的字符串置入缓冲区的结果，这是由于程序设计语言的一些漏洞，如C/C++语言中，不对缓冲区、数组及指针进行边界检查，（strcpy()、strcat()、sprintf()、gets()等语句），在程序员也忽略对边界进行检查而向一个有限空间的缓冲区中置入过长的字符串可能会带来两种结果：一是过长的字符串覆盖了相邻的存储单元，引起程序运行失败，严重的可导致系统崩溃；另一种后果是利用这种漏洞可以执行任意指令，甚至可以取得系统特权，由此而引发多种攻击方法。