Buffer overflow and boundary condition errors are subsets of which of the following?

A.
Race condition errors.

B.
Access validation errors.

C.
Exceptional condition handling errors.

D.
Input validation errors.

Explanation:
The buffer overflow is probably the most notorious of input validation mistakes. A buffer overflow is an example
of boundary condition error where data is allowed to be written outside the allocated buffer.
Incorrect Answers:
A: Buffer overflow and boundary conditions errors are not race conditions errors. Race conditions exist when
the design of a program puts it in a vulnerable condition before ensuring that those vulnerable conditions are
mitigated. Examples include opening temporary files without first ensuring the files cannot be read, or written to,
by unauthorized users or processes, and running in privileged mode or instantiating dynamic load library
functions without first verifying that the dynamic load library path is secure. Either of these may allow an
attacker to cause the program (with its elevated privileges) to read or write unexpected data or to perform
unauthorized commands.
B: Buffer overflow and boundary conditions errors are not access validation errors. An example of an access
validation error would be when a process is denied access to an object.
C: An example of exceptions handling error would be a division by zero. Buffer overflows and boundary
conditions are not examples of exceptional conditions errors.

Conrad, Eric, Seth Misenar and Joshua Feldman, CISSP Study Guide, 2nd Edition, Syngress, Waltham, 2012,
pp. 1162, 1304