What is buffer overflow attack

Buffer overflow errors are characterized by the overwriting of memory fragments of the process, which should have never been modified intentionally or unintentionally. Overwriting values of the IP (Instruction Pointer), BP (Base Pointer), and other registers cause exceptions, segmentation faults, and other errors to occur. Usually, these errors end the execution of the application in an unexpected way. Buffer overflow errors occur when we operate on buffers of char type.
The buffer overflow attack was discovered in hacking circles. It uses input to a poorly implemented, but (in intention) completely harmless application, typically with root/administrator privileges. The buffer overflow attack results from input that is longer than the implementor intended. To understand its inner workings, we need to talk a little bit about how computers use memory. A Buffer Overflow Attack is an attack that abuses a type of bug called a “buffer overflow”, in which a program overwrites memory adjacent to a buffer that should not have been modified intentionally or unintentionally.  Buffer overflows are commonly associated with C-based languages, which do not perform any kind of array-bounds checking. As a result, operations such as copying a string from one buffer to another can result in the memory adjacent to the new (shorter) buffer being overwritten with excess data.

When a buffer overflow occurs in a program, it will often crash or become unstable.  An attacker attempting to abuse a buffer overflow for a more specific purpose other than crashing the target system can purposely overwrite important values in the call stack of the target machine such as the instruction pointer (IP) or base pointer (BP) in order to execute his or her potentially malicious unsigned code.  Operating system and software vendors often employ countermeasures in their products to prevent Buffer Overflow Attacks; particularly call stack and virtual memory randomization.  Given the existence of such protective measures, Buffer Overflow Attacks have been rendered more difficult, although still possible to carry out.