Continued from previous page
to an array index out of bounds exception. It occurs when a program writes data
beyond the bounds of the buffer that is set aside for that data.
For example, you might have space allocated for the String “James T Kirk”,
which is 12 characters long, counting the spaces:
[J][a][m][e][s][ ][T][ ][K][i][r][k]
12-character buffer
Suppose that you tell the computer to overwrite this buffer with the String
“Jean Luc Picard”. There are 15 characters in Picard's name, counting the spaces,
so if you write all of those characters into the buffer, you “overrun” it by
writing three extra characters:
[J][e][a][n][ ][L][u][c][ ][P][i][c] [a][r][d]
12-character buffer                  overrun
The last three letters of Picard's name (“ard”) are being written to a part of
memory that is beyond the end of the buffer. This is a very dangerous situation,
because it will overwrite any data that is already there. An analogy would be a
fellow student grabbing three sheets of paper from you and erasing anything you
had written on them. You are likely to have had useful information written on
those sheets of paper, so the overrun is likely to cause a problem.
When a buffer overrun happens accidentally, the program usually halts with
some kind of error condition. However, buffer overruns are particularly
dangerous when they are done on purpose by a malicious program. If the attacker
can figure out just the right memory location to overwrite, the attacking
software can take over your computer and instruct it to do things you haven't
asked it to do.
Three of the most famous Internet worms were built on buffer overruns: the
1988 Morris worm, the 2001 Code Red worm, and the 2003 SQLSlammer worm.
Buffer overruns are often written as array code. You might wonder how such a
malicious program could be written if the computer checks the bounds when you
access an array. The answer is that older programming languages like C and C++
do not check bounds when you access an array. By the time Java was designed in
the early 1990s, the danger of buffer overruns was clear and the designers of the
language decided to include array-bounds checking so that Java would be more
secure. Microsoft included similar bounds checking when it designed the
language C# in the late 1990s.
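The Kirk/Picard overrun described above, as an added example in C (not code from the original text). The 16-byte region, the "DATA" neighbour and the function names are constructed for illustration; the buffer and its neighbour sit in one array so the overrun is well-defined and can be observed safely.

```c
#include <stdio.h>
#include <string.h>

#define BUF_LEN 12  /* the 12-character buffer from the text */
#define MEM_LEN 16  /* buffer plus 4 bytes of neighbouring data (constructed) */

/* Bytes 0..11 are the name buffer; bytes 12..15 belong to something else. */
struct memory { char bytes[MEM_LEN]; };

static void memory_init(struct memory *m) {
    memcpy(m->bytes, "James T Kirk", BUF_LEN);            /* fills the buffer exactly */
    memcpy(m->bytes + BUF_LEN, "DATA", MEM_LEN - BUF_LEN); /* the neighbour's data */
}

/* C-style write: nothing compares the length with BUF_LEN.
   Returns how many bytes landed past the end of the buffer. */
static size_t write_unchecked(struct memory *m, const char *s) {
    size_t n = strlen(s);
    if (n > MEM_LEN) n = MEM_LEN;  /* demo guard only: stay inside the region */
    memcpy(m->bytes, s, n);
    return n > BUF_LEN ? n - BUF_LEN : 0;
}

/* Bounds-checked write, the check Java performs on every array access.
   Returns 0 on success, -1 if the data does not fit (nothing is written). */
static int write_checked(struct memory *m, const char *s) {
    size_t n = strlen(s);
    if (n > BUF_LEN) return -1;
    memcpy(m->bytes, s, n);
    return 0;
}

/* Copies the 4 neighbouring bytes into out as a C string. */
static const char *neighbour(const struct memory *m, char out[5]) {
    memcpy(out, m->bytes + BUF_LEN, MEM_LEN - BUF_LEN);
    out[4] = '\0';
    return out;
}

int main(void) {
    struct memory m; char nb[5];
    memory_init(&m);
    size_t over = write_unchecked(&m, "Jean Luc Picard");
    printf("unchecked: %zu bytes overran, neighbour=%s\n", over, neighbour(&m, nb));
    memory_init(&m);
    int rc = write_checked(&m, "Jean Luc Picard");
    printf("checked: rc=%d, neighbour=%s\n", rc, neighbour(&m, nb));
    return 0;
}
```

The unchecked write leaves “ard” in the first three neighbouring bytes; the checked write rejects the name and leaves both the buffer and its neighbour untouched.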
 