Memory corruption

From Free net encyclopedia

Template:Cleanup-date

Memory corruption is an inadvertent change to the state of computer memory. This occurs when a computer memory location or register is accidentally overwritten by a computer program due to a programming error. Most often, corruption happens as a result of the misuse of an invalid memory address.

There are some very common mistakes that cause corruption:

  1. Most advanced programming languages allow you to allocate and de-allocate memory units. In C, for example, a "pointer" can be used to represent a specific address to an allocated unit of memory. If a program writes a piece of data to that address that is larger than the size it was allocated for, data beyond its bounds will be "overwritten". If that data was in use by some other part of the program, it would contain unexpected data when the overwritten area of memory is accessed. See Buffer overflow.
  2. Similar results occur if a random or otherwise invalid or unallocated address is written to. Suppose you write to address 'a' without allocating that address. (In some languages, there is no verification of whether or not this is ok, as the compiler assumes that you know what you are doing.) If, later in the code, you try to allocate a unit of memory properly, the program (unaware that you're already using 'a') might return that address or something nearby. Writing data to the second address would cause the data at 'a' to become corrupt, and appear to change randomly.
  3. Un-allocating (commonly called 'freeing') a memory address that you never actually allocated. This may or may not change the data at the address in question and once again, you would often get unexpected results.

This kind of error may crash a program immediately, or lurk undetected for years, only occasionally causing the wrong behaviour. The corrupted data may also interact with other data, spreading the corruption. In many cases, memory corruption can be the cause of security holes and aggravate computer insecurity issues. For example, buffer overflows on the stack allow for shellcode injection and return-to-libc attacks by allowing an attacker to modify information about program flow.

Finding such bugs can be extremely difficult. Therefore, programming tools that detect such errors automatically can be invaluable.he:השחתת זיכרון


Template:Compu-soft-stub

Retrieved from "http://www.netipedia.com/index.php/Memory_corruption"