Vulnerability Development mailing list archives

(Fwd) Re: Java and buffer overflows

From: "Felix Harris" <felix () cannabis net>
Date: Tue, 25 Jun 2002 21:33:26 +0100


------- Forwarded message follows -------
From:                   Felix Harris <felix () cannabis net>
To:                     KF <dotslash () snosoft com>
Subject:                Re: Java and buffer overflows
Send reply to:          felix () cannabis net
Date sent:              Tue, 25 Jun 2002 21:21:28 +0100

Date sent:              Mon, 24 Jun 2002 23:40:07 -0400
From:                   KF <dotslash () snosoft com>
To:                     felix () cannabis net
Copies to:              vuln-dev () securityfocus com
Subject:                Re: Java and buffer overflows

[root@qa5 root]# cat test.java
class test
{
        public static void main(String args[])
        {

                String[] test = new String[4];
                test[0] = "A";
                test[1] = "A";
                test[2] = "A";
                test[3] = "A";
                test[4] = "A";
                test[5] = "A";
                test[6] = "A";
        }
}


[root@rcmqa5 root]# javac test.java
[root@rcmqa5 root]# java test
Exception in thread "main" java.lang.ArrayIndexOutOfBoundsException: 4
        at test.main(test.java:11)



AFAIK(and i dont know much:), that IS the bounds checking: an 
exception is thrown rather than a buffer being overflowed.
------- End of forwarded message ---------
Felix Harris
felix () cannabis net
I say goodbye and raindrops taste like tears
In the pouring rain I stand and die alone

Current thread:

(Fwd) Re: Java and buffer overflows Felix Harris (Jun 26)