Home of The JavaSpecialists' Newsletter

1.10 How my Buffer Overflow Wiped my Colleague's Hard Disk

Juppies 2 by Dr Heinz M. Kabutz

This is a sad story. About three decades ago, I wrote a program in C++ and, with the platform I was using, I was supposed to have null as the last value in my arrays. I didn't read the documentation and thus didn't do this. I was running the code on Solaris and for some reason it worked, despite the bug in my code. A fellow student wanted to see whether my program would also compile and run on Windows. I strongly urged him not to try it, but he did anyway. It compiled fine, but when it ran, due to the unterminated array, it caused a catastrophic failure and wiped out his hard drive. It was an unfortunate mistake, and I did feel quite bad for my colleague.

Hackers exploit these types of bugs all the time - they are called buffer overflow attacks - in order to insert their own program code and to take over control of machines.

Java protects us against writing or reading past the end of an array by consistently throwing an ArrayIndexOutOfBoundsException. Much better!
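
The following Java program is an added example, not part of the original tutorial: it reproduces the missing-terminator mistake from the story, plus an unchecked copy into a too-small array, and shows both being stopped by ArrayIndexOutOfBoundsException. The class, method and variable names are hypothetical, and the sample data is constructed.

```java
import java.util.Arrays;

// Added illustration (not from the original tutorial). All names are hypothetical.
public class UnterminatedArrayDemo {

    // Counts entries up to the null terminator, the way the code in the
    // story expected to. There is deliberately no length check: the loop
    // relies entirely on the sentinel being present.
    static int countUntilNull(String[] items) {
        int i = 0;
        while (items[i] != null) {
            i++;
        }
        return i;
    }

    // Copies src into dest without checking dest.length, like an unchecked
    // copy into a fixed-size buffer.
    static void uncheckedCopy(int[] src, int[] dest) {
        for (int i = 0; i < src.length; i++) {
            dest[i] = src[i];
        }
    }

    public static void main(String[] args) {
        String[] terminated = {"alpha", "beta", null}; // constructed sample data
        String[] unterminated = {"alpha", "beta"};     // terminator forgotten

        System.out.println("terminated: " + countUntilNull(terminated));
        try {
            countUntilNull(unterminated);
        } catch (ArrayIndexOutOfBoundsException e) {
            // The JVM refuses the read at index 2 instead of returning
            // whatever happens to sit in memory after the array.
            System.out.println("read rejected: " + e.getMessage());
        }

        int[] buffer = new int[4];
        int[] other = {7, 7, 7, 7}; // a separate array the overflow cannot reach
        try {
            uncheckedCopy(new int[] {1, 2, 3, 4, 5, 6}, buffer);
        } catch (ArrayIndexOutOfBoundsException e) {
            System.out.println("write rejected: " + e.getMessage());
        }
        // buffer was filled up to its length; nothing outside it was modified.
        System.out.println(Arrays.toString(buffer) + " " + Arrays.toString(other));
    }
}
```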
