
Safe Data Structure

Classification Key: Core Security, Tampering


Buffer overflow is a security threat that results from bad programming practice. If every string-handling routine checked the allocated memory and validated its input beforehand, buffer overflows would not occur. In practice, however, string routines are not written to be safe. How can string routines be made safe from buffer overflow attacks?


Represent strings with a data structure that includes length information and allocated-memory information. All string routines should check the length and the memory available before proceeding.

Known Uses

The string library rewritten in qmail, built on the stralloc data type:

    typedef struct stralloc {
        char *s;          // pointer to the string, or 0 if unallocated
        unsigned int len; // number of bytes in the string
        unsigned int a;   // count of allocated bytes in the string
    } stralloc;
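A minimal sketch of the pattern in C, added here as an example; it is not qmail's code. The struct reuses the three fields shown above, the `sstr_*` names are hypothetical, and the routines go slightly beyond the text by also rejecting length arithmetic that would wrap the unsigned counters.

```c
#include <limits.h>
#include <stdlib.h>
#include <string.h>

/* Same three fields as the stralloc struct above; all names here are hypothetical. */
typedef struct sstr {
    char *s;          /* pointer to the bytes, or 0 if unallocated */
    unsigned int len; /* number of bytes in use */
    unsigned int a;   /* number of bytes allocated */
} sstr;

/* Make sure at least n bytes are allocated. Returns 1 on success, 0 on failure. */
int sstr_reserve(sstr *x, unsigned int n)
{
    unsigned int newa;
    char *p;
    if (x->s && n <= x->a) return 1;              /* already large enough */
    if (n > UINT_MAX - 32 - n / 8) return 0;      /* slack computation would wrap */
    newa = n + n / 8 + 32;                        /* grow with some slack */
    p = realloc(x->s, newa);
    if (!p) return 0;                             /* old buffer stays valid */
    x->s = p; x->a = newa;
    return 1;
}

/* Append n bytes: length and allocation are checked before any byte is copied. */
int sstr_append(sstr *x, const char *buf, unsigned int n)
{
    if (n > UINT_MAX - x->len) return 0;          /* len + n would wrap */
    if (!sstr_reserve(x, x->len + n)) return 0;   /* no room, nothing copied */
    memcpy(x->s + x->len, buf, n);
    x->len += n;
    return 1;
}

/* Append a NUL-terminated C string, rejecting lengths the counter cannot hold. */
int sstr_append_cstr(sstr *x, const char *z)
{
    size_t n = strlen(z);
    if (n > UINT_MAX) return 0;
    return sstr_append(x, z, (unsigned int)n);
}

void sstr_free(sstr *x)
{
    free(x->s);
    x->s = 0; x->len = x->a = 0;
}
```

Callers must check every return value; a 0 means the string was left unchanged rather than truncated or overrun.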


Hafiz et al.


Buffer Overflow


Last modified: May 05, 2012

Conceived and Maintained by: Munawar Hafiz