Re: Java and buffer overflows

From: Anibal Ambertin (aambertinat_private)
Date: Wed Jun 26 2002 - 10:02:08 PDT

Next message: Michal Zalewski: "RE: OpenSSH Vulns (new?) Priv seperation"

Previous message: Jose Nazario: "Re: OpenSSH Vulns (new?) Priv seperation"
In reply to: KF: "Re: Java and buffer overflows"
Next in thread: Javier Blanque: "Re: Java and buffer overflows"
Next in thread: Rafael Anschau: "Re: Java and buffer overflows"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    As someone else said before, the VM/interpreter of our
java classes is who's gonna check the code in interpretation/execution
time. This message is a tipical java error message, in this case
because of an intepreter thrown exception... but actually it doesn't
mean that we can overwrite a damn byte. Actually, the VM may have
some bug, but since it's not setuid on any system by default...
    The real danger around VM's I think are the web browser's pluggins.
As any other language, the real security uses to come from designers
and developers and not from the language itself.

Cheers. Anibal Ambertin.

----- Original Message -----
From: "KF" <dotslashat_private>
To: <felixat_private>
Cc: <vuln-devat_private>
Sent: Tuesday, June 25, 2002 12:40 AM
Subject: Re: Java and buffer overflows


> Not sure if this helps .... I was trying to come up with a scenario that
> passed user input to a buffer but the compiler kept barking at me so
> this is the best I can do.
>
> [root@qa5 root]# cat test.java
> class test
> {
>         public static void main(String args[])
>         {
>
>                 String[] test = new String[4];
>                 test[0] = "A";
>                 test[1] = "A";
>                 test[2] = "A";
>                 test[3] = "A";
>                 test[4] = "A";
>                 test[5] = "A";
>                 test[6] = "A";
>         }
> }
>
>
> [root@rcmqa5 root]# javac test.java
> [root@rcmqa5 root]# java test
> Exception in thread "main" java.lang.ArrayIndexOutOfBoundsException: 4
>         at test.main(test.java:11)
>
> -KF
>
>
> Felix Harris wrote:
>
> >>I was wondering if code written in JAVA(or .NET) is vulnerable to buffer
overflows.
> >>If yes,what are the differences in the proccess of exploiting?
> >>Any online source?
> >>
> >
> >
> >well afaik one of the main reasons for creating Java was to make it
> >a safe language, as there is no complications between pointers
> >and buffers. Buffers are also lengthchecked, and pointers dont
> >really have the required scope to be exploited. If there was an
> >exploit for a java program, it would probably exist as a bug in the
> >virtual machine, or in a call to a c/c++ program/library. IIRC, there
> >was something about zlib being exploitable?
> >--
> >Felix Harris
> >felixat_private
> >I say goodbye and raindrops taste like tears
> >In the pouring rain I stand and die alone
> >
> >
>
>

Next message: Michal Zalewski: "RE: OpenSSH Vulns (new?) Priv seperation"
Previous message: Jose Nazario: "Re: OpenSSH Vulns (new?) Priv seperation"
In reply to: KF: "Re: Java and buffer overflows"
Next in thread: Javier Blanque: "Re: Java and buffer overflows"
Next in thread: Rafael Anschau: "Re: Java and buffer overflows"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed Jun 26 2002 - 21:23:59 PDT