format string bug

views updated

format string bug A type of vulnerability in which a program uses input data in particular types of print command. If the input is not checked it may be possible for an intruder to construct a string that will alter unexpected locations in memory when it is printed. This may, for example, allow the program counter to be manipulated or the program's ownership or permissions to be changed to give the intruder unauthorized access to the computer.