Sunday 05 July 2026 10:34:33 GMT+02:00

Netcrook

HomeManifesto
News
Techcrook
Geocrook
WikicrookTeamAppContact
EnglishItalianoArabic

WIKICROOK

Heap-based buffer overflow

A memory bug where data writes exceed allocated space in heap memory.

A heap-based buffer overflow is a memory corruption bug where a program writes past the end of a dynamically allocated buffer in heap memory. The extra data can overwrite nearby objects, pointers, or metadata that the runtime uses to manage memory.

In cyber security, this matters because the heap often stores request data, parsed fields, and internal state in network services. If an attacker can control the overflow input, the bug may crash the process, corrupt application logic, or sometimes help achieve remote code execution. Defenders look for these flaws with code review, fuzzing, memory sanitizers, and compiler hardening. Safer allocation checks, bounds validation, and modern mitigations such as ASLR and stack protections reduce impact, but they do not replace secure coding. In real attacks, heap overflows often appear in parsers, protocol handlers, and rewrite or transformation logic that handles untrusted input.

← WIKICROOK index