safety of GCJ-generated code

Per Bothner per@bothner.com
Mon Dec 17 10:19:00 GMT 2001

• Previous message (by thread): safety of GCJ-generated code
• Next message (by thread): safety of GCJ-generated code
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

---

Adam Megacz wrote:
> Is GCJ-compiled code "safe" in the sense that no malicious input to a
> program can possibly cause it to crash or jump to memory locations
> that aren't part of its code? (ie buffer overflows, stack-busting). By
> crash, I mean something beyond an uncaught exception.

I believe so. However, there are a couple areas where the
verifier is known to be incomplete: Verifying of interface
calls, and that constructors are called on newly-allocated
objects. (There may be others.)
-- 
	--Per Bothner
per@bothner.com http://www.bothner.com/per/

---

• Previous message (by thread): safety of GCJ-generated code
• Next message (by thread): safety of GCJ-generated code
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

---

More information about the Java mailing list