Re: Java and buffer overflows

From: ash (ashcrowat_private)
Date: Wed Jun 26 2002 - 11:05:49 PDT

  • Next message: Valdis.Kletnieksat_private: "Re: csh/tcsh vulnerability"

    What happened here is that the JavaVM caught an exception while parsing
    the code. It won't cause any problems AFAIK but it will keep a program
    from working ;-).
    
    Generally speaking you use try {} catch () {} to deal with raised
    exceptions in Java so that if an error does happen it is delt with
    properly or errors out in such a manor that the user can understand why.
    
    Cheers,
    Ash
    ----
    Darkfire Secure Linux -- http://www.gnulinux.net
    
    On Mon, 2002-06-24 at 23:40, KF wrote:
    > Not sure if this helps .... I was trying to come up with a scenario that 
    > passed user input to a buffer but the compiler kept barking at me so 
    > this is the best I can do.
    > 
    > [root@qa5 root]# cat test.java
    > class test
    > {
    >         public static void main(String args[])
    >         {
    > 
    >                 String[] test = new String[4];
    >                 test[0] = "A";
    >                 test[1] = "A";
    >                 test[2] = "A";
    >                 test[3] = "A";
    >                 test[4] = "A";
    >                 test[5] = "A";
    >                 test[6] = "A";
    >         }
    > }
    > 
    > 
    > [root@rcmqa5 root]# javac test.java
    > [root@rcmqa5 root]# java test
    > Exception in thread "main" java.lang.ArrayIndexOutOfBoundsException: 4
    >         at test.main(test.java:11)
    > 
    > -KF
    



    This archive was generated by hypermail 2b30 : Wed Jun 26 2002 - 23:09:48 PDT