diff --git a/cpp/ql/src/Security/CWE/CWE-119/OverrunWriteProductFlow.qhelp b/cpp/ql/src/Security/CWE/CWE-119/OverrunWriteProductFlow.qhelp index 4da7e2a3c94..302340a3c2c 100644 --- a/cpp/ql/src/Security/CWE/CWE-119/OverrunWriteProductFlow.qhelp +++ b/cpp/ql/src/Security/CWE/CWE-119/OverrunWriteProductFlow.qhelp @@ -1,29 +1,29 @@ - - - -

You must ensure that you do not exceed the size of an allocation during write and read operations. - If an operation attempts to write to or access an element that is outside the range of the allocation then this results in a buffer overflow. - Buffer overflows can lead to anything from a segmentation fault to a security vulnerability. -

+ + + +

You must ensure that you do not exceed the size of an allocation during write and read operations. +If an operation attempts to write to or access an element that is outside the range of the allocation then this results in a buffer overflow. +Buffer overflows can lead to anything from a segmentation fault to a security vulnerability. +

-
- -

- Check the offsets and sizes used in the highlighted operations to ensure that a buffer overflow will not occur. -

+
+ +

+Check the offsets and sizes used in the highlighted operations to ensure that a buffer overflow will not occur. +

-
- + + - - + + -
  • I. Gerg. An Overview and Example of the Buffer-Overflow Exploit. IANewsletter vol 7 no 4. 2005.
  • -
  • M. Donaldson. Inside the Buffer Overflow Attack: Mechanism, Method & Prevention. SANS Institute InfoSec Reading Room. 2002.
  • +
  • I. Gerg. An Overview and Example of the Buffer-Overflow Exploit. IANewsletter vol 7 no 4. 2005.
  • +
  • M. Donaldson. Inside the Buffer Overflow Attack: Mechanism, Method & Prevention. SANS Institute InfoSec Reading Room. 2002.
  • -
    -
    + +
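Review bot: the overview text in this hunk talks about "write and read operations" and an operation that attempts to "write to or access an element", but the file is OverrunWriteProductFlow.qhelp, so the help describes reads for a query whose name covers only overrunning writes. Since these lines are being touched anyway, consider narrowing the wording to writes, or confirm that the read wording is intentional. Apart from that, the removed and added sentences in the overview, recommendation and references are word-for-word identical and differ only in leading whitespace. Saying in the commit message that this is an indentation-only change would spare reviewers from comparing the text line by line.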