Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



WebApp Sec: Re: Java integer overflows (was: a really long topic)

Re: Java integer overflows (was: a really long topic)

From: <michaelslists_at_gmail.com>
Date: Wed, 29 Mar 2006 14:50:10 +1100

right,

but we're talking about unmanaged vs managed, and the earlier poster
(i think it might've been "pavel" [sorry if it wasn't]), said that
100% java is still vulnerable to buffer overflows. the fact is that it
isn't.

-- Michael

On 3/29/06, Andrew van der Stock <vanderaj_at_greebo.net> wrote:
> I'm not talking arbitrary code execution, I'm talking about odd code
> paths, bizarre outcomes, and DoS.
>
> For example (found via 19 Sins, Viega, Howard and LeBlanc):
> http://seclists.org/lists/bugtraq/2004/Nov/0097.html
>
> I know Michael reads webappsec, he may have more examples.
>
> In my own code testing, I look for silly behaviors if a user can
> insert a large or negative number. You'd be surprised how often it
> occurs. There is no excuse not to include basic range checks when
> performing data validation.
>
> thanks,
> Andrew
>
> On 29/03/2006, at 2:30 PM, michaelslists_at_gmail.com wrote:
>
> > No you dont.
> >
> > Arrays are all bounds checked; ..., that is, the following code will
> > throw an exception:
> >
> > ================================
> > class Foo {
> > static {
> > int[] m = new int[2];
> > System.out.println(m[34]);
> > }
> > }
> > ================================
> >
> >
> > What do you mean by "overflow"? Do you mean this?
> >
> > ================================
> > class Foo {
> > static {
> > int m = Integer.MAX_VALUE;
> > int k = Integer.MAX_VALUE + Integer.MAX_VALUE;
> > System.out.println(m);
> > System.out.println(k);
> > System.exit(0);
> > }
> > }
> > ================================
> >
> > if so, I don't see how that is an issue.
> >
> > -- Michael
> >
> >
> >
> > On 3/29/06, Andrew van der Stock <vanderaj_at_greebo.net> wrote:
> >> This is not quite true.
> >>
> >> Java does not prevent integer overflows (it will not throw an
> >> exception). So you still have to be careful about array indexes.
> >>
> >> Andrew

-------------------------------------------------------------------------
This List Sponsored by: SpiDynamics

ALERT: "How A Hacker Launches A Web Application Attack!"
Step-by-Step - SPI Dynamics White Paper
Learn how to defend against Web Application Attacks with real-world
examples of recent hacking methods such as: SQL Injection, Cross Site
Scripting and Parameter Manipulation

https://download.spidynamics.com/1/ad/web.asp?Campaign_ID=701300000003gRl
--------------------------------------------------------------------------
Received on Mar 28 2006

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos