Re: Java and buffer overflows

From: Anibal Ambertin (aambertin@securetty.com.ar)
Date: 06/26/02


From: "Anibal Ambertin" <aambertin@securetty.com.ar>
To: "KF" <dotslash@snosoft.com>
Date: Wed, 26 Jun 2002 14:02:08 -0300


    As someone else said before, the VM/interpreter of our
java classes is who's gonna check the code at interpretation/execution
time. This message is a typical java error message, in this case
because of an interpreter-thrown exception... but actually it doesn't
mean that we can overwrite a damn byte. Actually, the VM may have
some bug, but since it's not setuid on any system by default...
    The real danger around VMs I think are the web browsers' plugins.
As in any other language, the real security usually comes from designers
and developers and not from the language itself.

Cheers. Anibal Ambertin.

----- Original Message -----
From: "KF" <dotslash@snosoft.com>
To: <felix@cannabis.net>
Cc: <vuln-dev@securityfocus.com>
Sent: Tuesday, June 25, 2002 12:40 AM
Subject: Re: Java and buffer overflows

> Not sure if this helps .... I was trying to come up with a scenario that
> passed user input to a buffer but the compiler kept barking at me so
> this is the best I can do.
>
> [root@qa5 root]# cat test.java
> class test
> {
> public static void main(String args[])
> {
>
> String[] test = new String[4];
> test[0] = "A";
> test[1] = "A";
> test[2] = "A";
> test[3] = "A";
> test[4] = "A";
> test[5] = "A";
> test[6] = "A";
> }
> }
>
>
> [root@rcmqa5 root]# javac test.java
> [root@rcmqa5 root]# java test
> Exception in thread "main" java.lang.ArrayIndexOutOfBoundsException: 4
> at test.main(test.java:11)
>
> -KF
>
>
> Felix Harris wrote:
>
> >>I was wondering if code written in JAVA (or .NET) is vulnerable to buffer overflows.
> >>If yes, what are the differences in the process of exploiting?
> >>Any online source?
> >>
> >
> >
> >well afaik one of the main reasons for creating Java was to make it
> >a safe language, as there are no complications between pointers
> >and buffers. Buffers are also length-checked, and pointers don't
> >really have the required scope to be exploited. If there was an
> >exploit for a java program, it would probably exist as a bug in the
> >virtual machine, or in a call to a c/c++ program/library. IIRC, there
> >was something about zlib being exploitable?
> >--
> >Felix Harris
> >felix@cannabis.net
> >I say goodbye and raindrops taste like tears
> >In the pouring rain I stand and die alone
> >
> >
>
>
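
The behaviour discussed in this thread, as an added example that is not part of any poster's message: attacker-sized input is copied into a fixed-size array, the VM checks every store and throws before anything outside the array is written, and a length check up front turns the resulting crash into a handled rejection. The class and method names (BoundsDemo, uncheckedCopy, checkedCopy) and the sample input are constructed for this illustration.

```java
import java.nio.charset.StandardCharsets;
import java.util.Arrays;

// Added illustration; all names here are hypothetical, not from the thread.
public class BoundsDemo {
    static final int CAPACITY = 4;

    // Unchecked copy: the loop trusts input.length, the way a C strcpy-style
    // loop would. Returns how many bytes were stored before the VM refused one.
    static int uncheckedCopy(byte[] buf, byte[] input) {
        int written = 0;
        try {
            for (int i = 0; i < input.length; i++) {
                buf[i] = input[i]; // the VM compares i with buf.length on every store
                written++;
            }
        } catch (ArrayIndexOutOfBoundsException e) {
            // Left uncaught, this would terminate the thread: a crash, not a memory overwrite.
            System.out.println("VM rejected store: " + e.getMessage());
        }
        return written;
    }

    // Checked copy: validate the length first and reject oversized input.
    static boolean checkedCopy(byte[] buf, byte[] input) {
        if (input.length > buf.length) {
            return false;
        }
        System.arraycopy(input, 0, buf, 0, input.length);
        return true;
    }

    public static void main(String[] args) {
        // Constructed sample input; pass an argument to supply your own.
        String raw = args.length > 0 ? args[0] : "AAAAAAA";
        byte[] input = raw.getBytes(StandardCharsets.US_ASCII);
        byte[] buf = new byte[CAPACITY];
        byte[] other = {1, 2, 3, 4}; // separate object; no index into buf can reach it

        int n = uncheckedCopy(buf, input);
        System.out.println("stored " + n + " of " + input.length + " bytes");
        System.out.println("buf   = " + Arrays.toString(buf));
        System.out.println("other = " + Arrays.toString(other));
        System.out.println("checkedCopy accepted input: "
                + checkedCopy(new byte[CAPACITY], input));
    }
}
```

The bounds check covers only Java arrays; code reached through native calls, which the thread names as the likelier place for a real overflow, is outside it.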


