WSTG - v4.1

Testing for Buffer Overflow

ID
WSTG-INPV-13

Summary

To find out more about buffer overflow vulnerabilities, please go to OWASP’s Buffer Overflow vulnerability page.

See the OWASP article on Buffer Overflow Attacks.

How to Test

Different types of buffer overflow vulnerabilities have different testing methods. Here are the testing methods for the common types of buffer overflow vulnerabilities.

Code Review

See the OWASP Code Review Guide article on how to review code for Buffer Overrun and Overflow vulnerabilities.