09 September 2005

Unpatched Firefox flaw may expose users | CNET News.com

People make fun of me for my Java evangelism, but...

Well, you figure it out:
from Section 9.1: Introduction to Correctness and Robustness
For software written completely in Java, buffer overflow errors are impossible. The language simply does not provide any way to store data into memory that has not been properly allocated. To do that, you would need a pointer that points to unallocated memory or you would have to refer to an array location that lies outside the range allocated for the array. As explained above, neither of these is possible in Java. (However, there could conceivably still be errors in Java's standard classes, since some of the methods in these classes are actually written in the C programming language rather than in Java.)


Sure, there are Java programs out there that have this problem. But that is USUALLY because they include NON-Java code.
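The bounds checking described in the quoted section, as an added example that is not part of the original post or the quoted text: an oversized input is copied into a fixed 8-byte buffer, once with a hand-written loop and once with `System.arraycopy` (a standard-library method that is implemented natively). The class name, buffer size and inputs are constructed for illustration.

```java
import java.util.Arrays;

public class BoundsCheckDemo {
    static final int BUF_SIZE = 8; // constructed size for the demo

    // Same shape as an unchecked C copy loop: nothing here tests dst.length.
    static void copyLoop(byte[] src, byte[] dst) {
        for (int i = 0; i < src.length; i++) {
            dst[i] = src[i]; // the JVM checks i against dst.length on every store
        }
    }

    // Copies input into a fresh fixed-size buffer and reports what happened.
    static String tryCopy(byte[] input, boolean useArraycopy) {
        byte[] buffer = new byte[BUF_SIZE];
        String outcome = "copied";
        try {
            if (useArraycopy) {
                System.arraycopy(input, 0, buffer, 0, input.length);
            } else {
                copyLoop(input, buffer);
            }
        } catch (IndexOutOfBoundsException e) {
            // Superclass of ArrayIndexOutOfBoundsException; covers both paths.
            outcome = "rejected (" + e.getClass().getSimpleName() + ")";
        }
        int written = 0;
        for (byte b : buffer) {
            if (b != 0) written++; // count bytes that actually landed in the buffer
        }
        return outcome + ", bytes written=" + written;
    }

    public static void main(String[] args) {
        byte[] fits = new byte[BUF_SIZE]; // constructed input that fits
        byte[] tooLong = new byte[24];    // constructed input three times the buffer size
        Arrays.fill(fits, (byte) 'A');
        Arrays.fill(tooLong, (byte) 'A');

        System.out.println("loop,      fits:    " + tryCopy(fits, false));
        System.out.println("loop,      tooLong: " + tryCopy(tooLong, false));
        System.out.println("arraycopy, fits:    " + tryCopy(fits, true));
        System.out.println("arraycopy, tooLong: " + tryCopy(tooLong, true));
    }
}
```

In both oversized cases nothing is stored past the end of the buffer. The loop fills the buffer before the exception stops it, while `System.arraycopy` checks the range up front and leaves the destination unmodified, so code that catches the exception should not assume the buffer is still empty.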
