Buffer overwrite vulnerabilities have been around for several years now, with the first major vulnerability being called CloudFlare Bug. It was discovered in February 2018 and described a way to bypass CloudFlare’s protections and expose sensitive data.
The CloudFlare Bug worked by exploiting the way servers handled HTTP requests. Servers are required to keep track of how many bytes of data a client requests and how many it sends back.
If the two do not match, then there is something wrong with the response and it needs to be corrected or rejected.
CloudFlare used a special piece of code called a cache-controlling routing header to check if a response was valid or not. The problem was that this check only checked the length of the request body, not the entire response size. This made it possible to create a very large request body that only had short content on it, making the cache validation pass.
CloudFlare fixed this issue by using an upper bound on the length of the routing header value.
Check your internet connection
If you are in a position where you cannot access the internet, it may be time to quit the app. It is not worth the stress or risk of losing information because the app froze or there was no connection. It is better to quit and re-install when you have access to the internet again. it
If you are able to use the app but there is no connection, then you can still use some of the features. You can save posts that you find online into your Buffer account by saving the link in your browser’s search bar. You can also update your posts that are already in your Buffer list by posting them directly from your phone’s data or wi-fi connection.
Check your server connection
If you are using the Buffer method to update your social media, first check to make sure that your server connection is working. If you are using a web application like Hootsuite or Buffer, try re-entering your information to make sure it is entering correctly.
If you are using the command line interface, try entering the same command again to see if it outputs the same result. If not, then there is something wrong with your code.
Check your account settings next to make sure that everything is set up correctly. For example, if you have two-factor authentication enabled on your account, then you may have to enter an additional confirmation code when logging in via the command line interface. This could be the issue causing no posts to be made.
Finally, check your internet connection and/or re-install the app/software to fix any bugs that may be present.
Check your code
If you are able to upload your image, your code is most likely working fine. The issue is most likely with the actual buffer creation process.
Another thing to check is your ports: are you using the correct port for images on your server configuration? Are you using the correct port for gcloud imagelink? Are you sure that gcloud imagelink is able to communicate with your server’s IP address?
If none of this seems to fix the issue, then it may be time to look into some debugging tools. There are plenty of debuggers out there, some free and some not so free.
A debugger allows you to step through your code line by line and see what is happening at each step. There are many ways to set up a debugger, so check out some resources for more info.
Buffers can cause problems too
When you use buffer functions like strstr() or strncmp(), they return a value. This value is called a buffer.
This is similar to how arithmetic operators work. For example, 2 + 2 returns 4 as the total, and 4 – 2 returns 2 as the remaining number.
The problem with buffers is that they need to be the correct size to accept what you are trying to add or subtract. If the size you provide it is too small, it will not work and you will get an error.
The same goes for your code when you are using buffers returned from string functions. If you are trying to use the content in the buffer somewhere else, but it is not the correct size, it will not work and you will get an error.
Check your buffers and make sure they are the correct size for what you are trying to do with them.
Use socket buffers
A socket buffer is an area of memory used to hold data prior to it being processed or transmitted. The size of the buffer is determined by how many bytes you are able to process at a time, which is referred to as throughput.
When using a buffered socket, the operating system handles the processing of the data so you do not have to worry about how many bytes you can process at a time. The downside is that it can take some time for the OS to process the data.
Unbuffered sockets require that you process the data yourself which can be time consuming depending on your programming language and expertise. The benefit though is that the data is processed more quickly since you are doing it yourself.
Either type of socket can be used with Linux machines depending on what type of kernel your machine uses.
Use TCP properly
Another major concern for buffer-overflow defenses is the proper use of TCP. Many operating systems have built-in protections for TCP connections, but most Linux distributions do not come with these protections enabled by default.
Many distributions enable the protection features by default, but due to the wide variety of software and configurations that Linux supports, it can be tricky to ensure that all of these protections are properly configured and enforced.
The main protection feature for TCP is SYN checksum. This feature requires the sending computer to calculate a checksum for the Syn packet sent to establish a connection and send this along with the packet. The receiving computer then validates this checksum against its own calculation to verify validity. If there is a difference, then the packet was corrupted in transmission and the connection is rejected.
This protects against SYN floods as well, as the sender must calculate the checksum before sending the packet.
Always check the return value of write()
The next lesson to learn here is to always check the return value of write() . Just like in our example, the function returns -1 when there is an error.
If you don’t check the return value, you will not know that there was an error. This can lead to more errors down the road when your code continues to execute.
As mentioned before, Linux is a multiuser operating system and with that comes permissions. Permissions control who can access what and how they can access it. When you try to write to a file, if you do not have permission then write() will return -1.
Checking permissions is a topic for another day, but keep this in the back of your mind that it could be why your write() returns -1.
