Does Java Have Buffer Overflows

Does Java have buffer overflows?

Since Java Strings are based on char arrays and Java automatically checks array bounds, buffer overflows are only possible in unusual scenarios:

  1. If you call native code via JNI
  2. In the JVM itself (usually written in C++)
  3. The interpreter or JIT compiler does not work correctly (Java bytecode mandated bounds checks)

What does a buffer overflow in Java look like?


The above answer explains why it is not common in Java to actually trigger a buffer overflow. If you get one, the error is usually not in your code, unless you program with a native interface.

I guess (speculation here) that it then depends on the native interface what a possible exception might look like, or whether the exception is handled at all, or the JVM will just crash with a system level exception.

Buffer overflow in JAVA

That kind of buffer overflow does not exist in Java. On the JVM level an IndexOutOfBoundsException would be raised.

I have an unexpected buffer overrun warning, why do I have that?

You get a warning, because if size were odd, then you would be reading elements past the end of vect. Imagine what would happen if size was 3:

  1. At first, you have i=0,j=0;.
  2. result[0] = vect[0]+vect[1];
  3. j++. j is now 1.
  4. i+=2;. i is now 2.
  5. result[1] = vect[2]+vect[3];

However, because vect has a size of 3, trying to read vect[3] (which you are) will (most likely) produce a segmentation fault.
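The trace above, turned into a check and a bounds-safe loop, as an added example that is not part of the original answer. The asker's code is not on the page, so the loop shape is reconstructed from the trace; the function names, the `result_cap` parameter and the choice to copy an unpaired last element through unchanged are assumptions.

```c
#include <stddef.h>
#include <stdio.h>

/* Replays the index arithmetic of the loop traced above (reconstructed; the
   original code is not on the page) without touching memory. Returns the
   first index that falls outside vect[0..size-1], or -1 if none does. */
long first_oob_read(size_t size)
{
    for (size_t i = 0; i < size; i += 2) {
        if (i + 1 >= size)      /* vect[i + 1] would be past the end */
            return (long)(i + 1);
    }
    return -1;
}

/* Bounds-safe pairwise sum. Returns the number of results written, or -1 if
   result cannot hold them. Assumption: an unpaired last element is copied
   through unchanged. */
long pair_sums(const int *vect, size_t size, int *result, size_t result_cap)
{
    size_t needed = size / 2 + size % 2;
    if (needed > result_cap)
        return -1;              /* refuse instead of writing past result */

    size_t i = 0, j = 0;
    for (; i + 1 < size; i += 2, j++)   /* both reads stay in range */
        result[j] = vect[i] + vect[i + 1];
    if (i < size)                       /* odd size: one element left over */
        result[j++] = vect[i];
    return (long)j;
}

int main(void)
{
    int vect[3] = {1, 2, 3};            /* constructed sample input */
    int result[2];
    printf("first out-of-range read for size 3: vect[%ld]\n", first_oob_read(3));
    long n = pair_sums(vect, 3, result, 2);
    for (long k = 0; k < n; k++)
        printf("result[%ld] = %d\n", k, result[k]);
    return 0;
}
```

The loop condition `i + 1 < size` is what removes the warning: it proves to the compiler and to the reader that both reads in the body are inside the array.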

Buffer Overflow (vs) Buffer OverRun (vs) Stack Overflow

Think of a buffer as just an array. People often use "overflow" and "overrun" interchangeably for any time you try to reference an index beyond the end of the array, and that's fine. Personally, I make a distinction:

A buffer overflow is when you try to put more items in the array than the array can hold. They flow out of the end of the buffer. In other words, it comes from writing.

A buffer overrun is when you are iterating over the buffer and keep reading past the end of the array. Your iterator is running through the buffer and keeps going. In other words, it comes from reading.

A stack overflow is much different. Most modern programming environments are stack-based, where they use a stack data structure to control program flow. Every time you call a function, a new item is placed on the program's call stack. When the function returns, the item is popped from the stack. When the stack is empty, the program stops. The thing is, this stack has a limited size. It is possible to call too many functions at one time and fill up the stack. At this point you have a stack overflow. The most common way to do this is when a function calls itself (recursion).


