Re[2]: Stack Overflow

["P. Schmiel" <secfoc () cybernox net>]

Hello list,

I don't have much knowedge about java, but i'm quite sure that there
can be overflows. the reason for this is, that the memmory handling is
the operating systems job. for .NET i know, that there are
possibilities 4 overflows, because some functions have a quite "open"
memmory handling. and in my opinion, this is important because a
programming language must gave you all possibilities it can, and not
restrict you in any way.
maybe the chance to create an overflwable code has decreased, but it's
not impossible.
well... thats my point of view, but i'm open for other perspectives
and other opinions.

(sorry 4 my bad english ;))

Original message Monday, January 10, 2005, 10:23:54 PM:

BZ> Hi,

BZ> I have done some Java programming but not an expert.  I'd be interested in
BZ> knowing how this can be accomplished, since you cannot manipulate pointers
BZ> in Java and arrays are bound-checked.  Do you have any examples?

BZ> Best Regards

BZ> Beilin Zhang 

BZ> -----Original Message-----
BZ> From: P. Schmiel [mailto:secfoc () cybernox net]
BZ> Sent: Monday, January 10, 2005 12:29 PM
BZ> To: security-basics () securityfocus com
BZ> Subject: Re: Stack Overflow


BZ> Hello list,

BZ> well, sure they can. it's the coders job to make a good code. and the
BZ> OSs job to manage the memory correct.

BZ> Original message Monday, January 10, 2005, 2:11:03 PM:

NS>> Hi list,

NS>>   My question is: can programs made with newer languages (Java and
NS>> .NET) have buffer overflow exploits?

NS>> Tnx,
NS>> Nelson Santos


BZ> --- 
BZ> Best regards,
BZ> Pascal Schmiel
BZ> schmiel () cybernox net


--- 
Best regards,
Pascal Schmiel
schmiel () cybernox net