Out of Bounds

Memory
References
 Definition
• Out-of-bounds memory references refer to
attempts to access memory locations that are
outside the bounds of a valid, allocated memory
region.
• This can lead to unpredictable behavior, including
crashes, data corruption, and security
vulnerabilities
• Out-of-bounds memory access happens when a
program tries to read from or write to a memory
address that it is not permitted to access.
 Types
• Accessing beyond the allocated stack or heap
space
• Array or buffer overflows
• Accessing uninitialized or freed memory
• Accessing invalid pointers
 Accessing beyond the
allocated stack or heap
space
• Stack and heap are two major areas of memory that
programs use to store local variables, function calls,
dynamic memory, etc.
• If an instruction attempts to reference memory that
lies outside of these allocated regions (e.g., accessing
data beyond the stack frame or after deallocating
memory in the heap), it can result in out-of-bounds
access.
 Array or buffer overflows

• One of the most common forms of out-of-bounds

memory access happens when a program accesses
an array or buffer beyond its defined size. This can
overwrite adjacent memory, causing unexpected
behavior.
 Accessing uninitialized or freed
memory
• If memory is dynamically allocated (e.g., using malloc
in C or similar in assembly), and later freed without
ensuring that no further access is made, any
subsequent reference to that memory location is an
out-of-bounds access.
 Accessing invalid pointers

• When pointers are used in assembly language, an

invalid or NULL pointer dereference leads to an out-
of-bounds memory reference. For example,
dereferencing a pointer that points to an address
outside the bounds of a valid allocated space can
cause an error.
 Causes
• Incorrect index calculation
• Improper loop bounds
• Incorrect memory segmentation
• Pointer arithmetic errors
 Incorrect index calculation

• In assembly language, the developer typically

computes the address of data using an index, offset,
or pointer arithmetic. A miscalculation can lead to
accessing memory beyond the intended boundaries.
 Improper loop bounds

• If a loop iterates past the end of a buffer or array, it

can result in out-of-bounds access. This might
happen if the loop condition or index increment is
incorrectly written.
 Incorrect memory segmentation

• In some assembly languages or environments,

memory is divided into segments (such as code, data,
and stack segments). A failure to respect these
boundaries can lead to illegal memory access,
potentially overwriting critical control structures (like
the return address in the stack).
 Pointer arithmetic errors

• Pointer manipulation in assembly requires careful

handling. For example, an incorrect increment or
decrement of a pointer, or failure to account for the
size of data types, can easily cause an out-of-bounds
access.
 Effects
• Program Crashes
• Data Corruption
• Security Vulnerabilities
• Unpredictable Behavior
 Program Crashes
• Attempting to access memory that the program is
not authorized to use can lead to segmentation faults
(on Unix-like systems) or access violations (on
Windows). This typically causes the program to crash.
 Data Corruption

• Writing beyond the bounds of an allocated region

can overwrite adjacent memory, corrupting other
variables, function pointers, or control structures.
This can lead to erratic program behavior and can be
difficult to debug.
 Security Vulnerabilities

• Out-of-bounds accesses are often exploited in attacks

such as buffer overflows. An attacker might carefully
craft an input to overwrite specific memory locations
(e.g., return addresses) to redirect the program's
flow, potentially executing arbitrary code.
 Unpredictable Behavior

• Even if the program does not immediately crash,

accessing out-of-bounds memory can cause
undefined or unpredictable behavior, which can be
extremely hard to diagnose. The behavior can vary
depending on the memory layout and operating
system.
 Preventions
• Bounds Checking
• Proper Pointer Arithmetic
• Safe Memory Management
• Static Analysis and Debugging Tools
• Overflow Protection
 Bounds Checking

• Always ensure that memory accesses are within the

bounds of allocated regions. In higher-level
languages, bounds checking might be done
automatically, but in assembly, the programmer must
manually ensure valid accesses.
 Proper Pointer Arithmetic

• Ensure that any pointer arithmetic accounts for the

size of the data type (e.g., for a 32-bit integer,
increment the pointer by 4 bytes).
 Safe Memory Management

• Avoid using uninitialized or freed pointers. Ensure

that memory is properly allocated, used, and freed.
 Static Analysis and Debugging
Tools
• Use static analysis tools or debuggers like GDB to
inspect memory usage and check for potential out-
of-bounds accesses.
 Overflow Protection

• Implement additional checks when dealing with

arrays or buffers. For example, bounds-checking logic
can be added manually before accessing array
elements.