Think of a buffer as just an array. People often use "overflow" and "overrun" interchangeably for any time you try to reference an index beyond the end of the array. Personally, I make a distinction:

将缓冲区视为一个数组。当您尝试引用数组末尾之外的索引时，人们经常交替使用“溢出”和“溢出”。就我个人而言，我做出了区分：

A buffer overflowis when you try to put more items in the array than the array can hold. In other words, it comes from writing.

一个缓冲区溢出是当你试图把更多的项目数组比数组可以保存英寸 换句话说，它来自写作。

A buffer overrunis when you are iterating over the buffer and keep reading past the end of the array. In other words, it comes from reading.

一个缓冲区溢出是当你遍历缓冲区，请继续阅读过去的数组的末尾。换句话说，它来自阅读。

A stack overflowis much different. Most modern programming environments are stack-based, where they use a stack data structure to control program flow. Every time you call a function, a new item is placed on the program's call stack. When the function returns, the item is popped from the stack. When the stack is empty, the program stops. The thing is, this stack has a limited size.It is possible to call too many functions at one time and fill up the stack. At this point you have a stack overflow. The most common way to do this is when a function calls itself (recursion).

一个堆栈溢出是非常不同的。大多数现代编程环境都是基于堆栈的，它们使用堆栈数据结构来控制程序流程。每次调用函数时，都会在程序的调用堆栈中放置一个新项。当函数返回时，该项目从堆栈中弹出。当堆栈为空时，程序停止。问题是，这个堆栈的大小是有限的。有可能一次调用过多的函数并填满堆栈。此时你有一个堆栈溢出。最常见的方法是在函数调用自身时（递归）。

Bufferoverflow / Bufferoverrun:

缓冲区溢出/缓冲区溢出：

void k()
{
    BYTE buf[5];
    for( int i = 0; i < 10; ++i )
        buf[i] = 0xcd;
}

Stackoverflow :

堆栈溢出 ：

void f()
{
     int k = 0;
     f();
}

You can have difference between buffer overflow and buffer overrun in C/C++:

您可以在 C/C++ 中区分缓冲区溢出和缓冲区溢出：

• We could define overflow when you index/point beyond the original buffer size (e.g read the 6th element of a 3 element array)
• We could define overrun, when you have multiple adjacent buffers after each other, and you index into the second (e.g read the 6th element of the first 3-element array but you get the 3rd element of the second 3-element array).

• 当您索引/指向超出原始缓冲区大小时，我们可以定义溢出（例如读取 3 元素数组的第 6 个元素）
• 我们可以定义溢出，当你有多个相邻的缓冲区时，你索引到第二个（例如，读取第一个 3 元素数组的第 6 个元素，但你得到第二个 3 元素数组的第 3 个元素）。

Stack overflow is kinda buffer overflow when you fill your entire stack 'memory buffer'.

当您填满整个堆栈“内存缓冲区”时，堆栈溢出有点像缓冲区溢出。

What is the difference between Buffer Overflow and Buffer Overrun? I would say that Buffer over flow is when you attempt to write beyond the end of a buffer, but you have a check which prevents it. buffer over run is when you actually write beyond the end of the buffer. The first is fail fast, the second is harder to detect.

缓冲区溢出和缓冲区溢出有什么区别？我会说缓冲区溢出是当您尝试在缓冲区末尾之外写入时，但您有一个检查可以阻止它。缓冲区溢出是指您实际写入超出缓冲区末尾的情况。第一个是快速失败，第二个更难检测。

You cannot overrun a buffer in java as it always has bounds checking and thus produces a BufferOverflowException.

你不能在 java 中溢出缓冲区，因为它总是有边界检查，因此会产生 BufferOverflowException。

What is the difference between Buffer Overrun and Stack Overflow?

缓冲区溢出和堆栈溢出有什么区别？

They have nothing to do with one another.

他们彼此毫无关系。