
What is a buffer overflow?

Last reviewed June 2, 2026

A buffer overflow happens when a program writes more data into a fixed-size memory buffer than it can hold, overwriting adjacent memory. Attackers exploit this to corrupt data, crash the program, or hijack control flow to run their own code. It is prevented with bounds-checked operations, safe languages, and compiler and OS mitigations.

What a buffer overflow is

A buffer is a fixed-size region of memory allocated to hold data. A buffer overflow occurs when a program copies more data into that region than it was sized for; the classic form is catalogued as CWE-120 (Buffer Copy without Checking Size of Input, "Classic Buffer Overflow"). The excess spills into adjacent memory, overwriting whatever was there.

Buffer overflows are most associated with memory-unsafe languages like C and C++, where the programmer is responsible for bounds management and the language does not check it automatically.

How the attack works

A program declares a buffer of 64 bytes and copies a user-supplied string into it with an unbounded function like strcpy, which keeps copying until it finds the terminating NUL. If the attacker supplies 200 bytes, the extra 136 bytes overwrite neighboring stack memory. On the stack, that adjacent memory typically includes the saved frame pointer and the saved return address, the value that tells the CPU where to resume after the current function finishes.

By carefully crafting the input, an attacker overwrites the return address with a value pointing to code they injected or, where injected code cannot execute, to short existing instruction sequences chained together (a technique called return-oriented programming). When the function returns, execution jumps to attacker-controlled instructions, turning a memory bug into code execution.

Real-world impact

  • Crashes and denial of service from corrupted memory.
  • Arbitrary code execution by hijacking the program's control flow.
  • Privilege escalation when the vulnerable program runs with elevated rights.
  • Worms that exploit overflows to self-propagate, a pattern behind several historic outbreaks.

How to prevent it

Mitigations like ASLR and stack canaries raise the bar but do not eliminate the bug; the durable fix is correct bounds checking or a memory-safe language.

  • Use bounds-checked operations (such as snprintf with the destination size, or strncpy followed by an explicit terminator, since strncpy does not NUL-terminate when the source is too long) instead of unbounded ones like strcpy and gets.
  • Prefer memory-safe languages (Rust, Go, Java) where the language or runtime enforces bounds on every access.
  • Enable compiler and OS mitigations: stack canaries, ASLR, and non-executable memory (DEP/NX).
  • Validate and limit input lengths before copying.
  • Use static analysis and fuzzing to catch overflows before release.
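The following is an added example, not code from the original page. It puts the attack described above and the bounds-checking fix side by side. The struct frame, the function names and the payload are assumptions made for illustration: the struct simulates a 64-byte buffer sitting directly below a saved return address so the overwrite can be observed without undefined behaviour, and the payload is constructed input, not a real exploit.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BUF_SIZE 64

/* Simulated stack frame (an assumption made for this illustration): the
 * 64-byte buffer from the text, followed directly by the slot a saved
 * return address would occupy. A real frame is laid out by the compiler;
 * the struct only makes the adjacency explicit. */
struct frame {
    char buf[BUF_SIZE];
    uint64_t saved_ret;
};

/* The vulnerable pattern: copy without checking against BUF_SIZE.
 * The copy is clamped to the struct so this program stays well-defined;
 * in a real program the excess would run off the end of buf. */
void unchecked_copy(struct frame *f, const char *input, size_t len)
{
    if (len > sizeof *f)
        len = sizeof *f;                     /* keep the simulation in bounds */
    memcpy((unsigned char *)f, input, len);  /* no check against BUF_SIZE */
}

/* Hardened form: measure first (never reading past BUF_SIZE), refuse
 * anything that does not fit together with its NUL, and only then copy. */
bool checked_copy(char dst[BUF_SIZE], const char *input)
{
    size_t len = 0;
    while (len < BUF_SIZE && input[len] != '\0')
        len++;
    if (len >= BUF_SIZE)
        return false;                        /* would overflow: reject it */
    memcpy(dst, input, len + 1);
    return true;
}

/* strncpy caveat: it does not NUL-terminate when src is at least n bytes
 * long, so the terminator has to be written explicitly. */
void strncpy_terminated(char dst[BUF_SIZE], const char *src)
{
    strncpy(dst, src, BUF_SIZE - 1);
    dst[BUF_SIZE - 1] = '\0';
}

/* Constructed attacker-style input: 64 filler bytes, then the 8 bytes that
 * would land in the return-address slot. Returns the payload length. */
size_t build_payload(char *out, size_t cap, uint64_t fake_ret)
{
    if (cap < BUF_SIZE + sizeof fake_ret)
        return 0;
    memset(out, 'A', BUF_SIZE);
    memcpy(out + BUF_SIZE, &fake_ret, sizeof fake_ret);
    return BUF_SIZE + sizeof fake_ret;
}

/* Run the overflow against the simulated frame and return what now sits in
 * the return-address slot (0x4141414141414141 if the overwrite happened). */
uint64_t simulate_overwrite(void)
{
    struct frame f = { {0}, 0x1122334455667788ULL };  /* pretend real return */
    char payload[128];
    size_t n = build_payload(payload, sizeof payload, 0x4141414141414141ULL);
    unchecked_copy(&f, payload, n);
    return f.saved_ret;
}

/* Feed the same oversized payload to the checked copy: it must be rejected. */
bool hardened_rejects_payload(void)
{
    char payload[128], dst[BUF_SIZE];
    build_payload(payload, sizeof payload, 0x4141414141414141ULL);
    return !checked_copy(dst, payload);
}

/* Length left in dst by strncpy_terminated after a 99-byte source. */
size_t strncpy_result_len(void)
{
    char src[100], dst[BUF_SIZE];
    memset(src, 'B', 99);
    src[99] = '\0';
    strncpy_terminated(dst, src);
    return strlen(dst);
}

int main(void)
{
    printf("return slot after unchecked copy: 0x%016llx\n",
           (unsigned long long)simulate_overwrite());
    printf("checked copy rejected the payload: %s\n",
           hardened_rejects_payload() ? "yes" : "no");
    printf("strncpy_terminated kept %zu bytes\n", strncpy_result_len());
    return 0;
}
```

The unchecked copy lands bytes 64 to 71 of the input exactly in the slot that follows the buffer, which is the mechanism behind the return-address hijack above. The checked copy measures with a hard cap before writing and treats "does not fit with its NUL" as an error rather than a truncation, and strncpy_terminated shows the terminator that strncpy alone leaves out.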

Frequently asked questions

What is a buffer overflow in simple terms?
It is when a program tries to stuff more data into a memory slot than it can hold, so the extra data spills over and corrupts whatever sat next to it in memory.
Why are buffer overflows dangerous?
By overflowing into critical memory like a function's return address, an attacker can redirect the program to run their own code, which can mean full compromise of the system.
How do you prevent buffer overflows?
Use bounds-checked copy operations, prefer memory-safe languages, validate input lengths, and enable compiler and OS mitigations like stack canaries, ASLR, and non-executable memory.
Which CWE covers buffer overflows?
The classic buffer overflow is CWE-120. Closely related entries include CWE-787 (out-of-bounds write) and CWE-125 (out-of-bounds read).