Secure Coding mailing list archives
RE: Java NullPointerException's (was "", was (Shellcode In jection))
From: Nick Lothian <nl () essential com au>
Date: Tue, 16 Dec 2003 14:14:06 +0000
-----Original Message----- From: Lewis, Todd [mailto:[EMAIL PROTECTED] Sent: Monday, 15 December 2003 2:45 AM To: Crispin Cowan; Jeffrey W. Baker Cc: [EMAIL PROTECTED] Subject: RE: [SC-L] Importance: Low Although I agree about ML, I have to say that the number of null-pointer exceptions I've seen in Java apps leaves me suspicious that it might not be as safe as it's cracked up to be. Plus, no amount of type-safe code can save you from a well-placed photon or two: http://www.cs.princeton.edu/~sudhakar/papers/memerr.pdf
[Thread snipped] What security implications does a Java NullPointerException have? I fail to see how java.lang.NullPointerException's are related to stack-smashing, type-safety violations OR shell code injection (or indeed any other kind of security problem when considered in isolation). Nick
Current thread:
- RE: Java NullPointerException's (was "", was (Shellcode In jection)) Nick Lothian (Dec 16)