Improper Restriction of Operations within the Bounds of a Memory Buffer allows attackers to execute arbitrary code, alter the intended control flow, read sensitive information, or cause a system to crash. This course introduces ways to identify and mitigate this security weakness, referenced as CWE-119 by the 2020 CWE Top 25.
Learning Objectives
On successful completion of this course, learners should have the knowledge and skills to:
- Use a vetted library or framework (such as SafeStr) that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid
- Double-check that your buffer is as large as you specify
- Check buffer boundaries when accessing the buffer in a loop to ensure that you are not in danger of writing past the allocated space
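The last two objectives, shown as an added C example that is not part of the course material: the caller passes the buffer's real size, and the loop checks the remaining space before every write. The names `hex_encode` and `try_encode` and the sample bytes are hypothetical, constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper: hex-encode src into dst without ever writing more
 * than dst_size bytes. Returns 0 on success, -1 if dst is too small. */
int hex_encode(char *dst, size_t dst_size,
               const unsigned char *src, size_t src_len)
{
    static const char digits[] = "0123456789abcdef";
    size_t out = 0;
    if (dst == NULL || dst_size == 0 || (src == NULL && src_len != 0))
        return -1;
    for (size_t i = 0; i < src_len; i++) {
        /* Each input byte needs 2 output bytes plus room for the final NUL.
         * Comparing the remaining space avoids overflow in out + 3. */
        if (dst_size - out < 3) {
            dst[0] = '\0';          /* fail closed: no partial output */
            return -1;
        }
        dst[out++] = digits[src[i] >> 4];
        dst[out++] = digits[src[i] & 0x0f];
    }
    dst[out] = '\0';                /* out < dst_size holds here */
    return 0;
}

/* Constructed check: offer only `avail` bytes of a 16-byte array and verify
 * nothing past them is touched. Returns hex_encode's result, -2 if a guard
 * byte changed, -3 if the output is wrong. */
int try_encode(size_t avail)
{
    const unsigned char sample[] = { 0xde, 0xad, 0xbe, 0xef }; /* constructed */
    char buf[16];
    if (avail > sizeof buf) return -1;
    memset(buf, 'G', sizeof buf);
    int rc = hex_encode(buf, avail, sample, sizeof sample);
    for (size_t i = avail; i < sizeof buf; i++)
        if (buf[i] != 'G') return -2;
    if (rc == 0 && strcmp(buf, "deadbeef") != 0) return -3;
    return rc;
}

int main(void)
{
    printf("8 bytes: %d, 9 bytes: %d\n", try_encode(8), try_encode(9));
    return 0;
}
```

Four input bytes need nine output bytes (eight hex digits plus the terminator), so the 8-byte case is the classic off-by-one: it is rejected rather than written one byte past the end.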