What is the difference between a stack overflow and buffer overflow?

Question

What is the difference between a stack overflow and a buffer overflow in programming?

Answer 1

Stack overflow: you have put too many things on the stack for the memory allocated to the current thread

Buffer overflow: You have exceeded the size of your currently allocated buffer and have not resized it to fit (or cannot resize it further).

Answer 2

The key difference is knowing the difference between the stack and a buffer.

The stack is the space reserved for the executing program to execute in. When you call a function, it's parameter and return info are placed on the stack.

A buffer is a generic chunck of memory that is used for a single purpose. For example, a string is a buffer. It can be over run by writing more data to the string than was allocated for.

Answer 3

Don't you mean to say "what is the difference between a stack and a buffer?" -- that will lead you to more insight more quickly. Once you've gotten that far, then you can think about what it means to overflow each of these things.

Answer 4

Most people who mentions buffer overflows mean stack oveflows. However, overflows can occur in any area not just limited to the stack. Such as the heap or bss. A stack overflow is limited to overwriting return addresses on the stack, but a normal overflow that does not overwrite the return address will probably just overwrite other local variables.