buffer overflow possible in CNI string-handling code?

Adam Megacz gcj@lists.megacz.com
Mon Mar 11 14:27:00 GMT 2002


Hey, I have a lot of CNI code like this:
 char buf2[text->length() + 1];
 buf2[text->length()] = '\0';
 JvGetStringUTFRegion(text, 0, text->length(), buf2);
If a malicious user sends a huge string for 'text', will the
allocation of buf2 notice that text->length() > stacksize, and refuse
to proceed (either a crash or an exception is acceptable)? I'm just
concerned about people writing over code regions this way.
 - a
-- 
"If I put copyrighted material into the 'chewy nougat center', I can
 claim the crunchy chocolate coating is an 'Access Control
 Mechanism'." --lynx_user_abroad
Why Windows NT/2k/XP is unreliable: www.zappadoodle.com
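
The sizing concern in the message above, as an added example that is not part of the original post and does not call the CNI API: std::u16string stands in for the Java string, utf8_encode for the copy, and kMaxChars is a hypothetical limit. It refuses oversized input before allocating and sizes a heap buffer by encoded UTF-8 byte count (up to 3 bytes per Java char) rather than by text->length(); a variable-length stack array has no way to report that it did not fit.

```cpp
#include <cstddef>
#include <stdexcept>
#include <string>
#include <vector>

// Hypothetical policy limit on accepted input, in UTF-16 code units.
constexpr std::size_t kMaxChars = 1 << 16;

// Bytes needed to encode each UTF-16 code unit independently as UTF-8.
std::size_t utf8_length(const std::u16string& s) {
    std::size_t n = 0;
    for (char16_t c : s) n += (c < 0x80) ? 1 : (c < 0x800) ? 2 : 3;
    return n;
}

// Stand-in for the CNI copy: writes exactly utf8_length(s) bytes to out.
void utf8_encode(const std::u16string& s, char* out) {
    for (char16_t c : s) {
        if (c < 0x80) {
            *out++ = static_cast<char>(c);
        } else if (c < 0x800) {
            *out++ = static_cast<char>(0xC0 | (c >> 6));
            *out++ = static_cast<char>(0x80 | (c & 0x3F));
        } else {
            *out++ = static_cast<char>(0xE0 | (c >> 12));
            *out++ = static_cast<char>(0x80 | ((c >> 6) & 0x3F));
            *out++ = static_cast<char>(0x80 | (c & 0x3F));
        }
    }
}

// Rejects oversized input, then sizes a heap buffer by encoded byte count.
// Heap allocation reports failure (std::bad_alloc); a stack VLA cannot.
std::vector<char> to_c_string(const std::u16string& text) {
    if (text.size() > kMaxChars)
        throw std::length_error("text exceeds kMaxChars");
    std::vector<char> buf(utf8_length(text) + 1);  // +1 for the terminator
    utf8_encode(text, buf.data());
    buf.back() = '\0';
    return buf;
}

// True if the call was refused with an exception rather than proceeding.
bool rejects(const std::u16string& text) {
    try { to_c_string(text); } catch (const std::length_error&) { return true; }
    return false;
}
```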

