<b>Programs are not allowed to access arbitrary memory locations.<br></b>
For example, casting between an int and an Object is strictly illegal in Java.<br>

<b>Variables may not be used before they are initialized.<br></b>
If a program were able to read the value of an uninitialized variable, the effect would be the same as if it were able to read random memory locations. A Java class wishing to exploit this defect might then declare a huge uninitialized section of variables in an attempt to snoop the memory contents of the user's machine. To prevent this type of attack, all local variables in Java must be initialized before they are used, and all instance variables in Java are automatically initialized to a default value.

<b>Objects cannot be arbitrarily cast into other objects.<br></b>
Consider the example below.

public class CreditCard {<br>
private String acctNo;<br>
}<br>

public class CreditCardSnoop {<br>
public String acctNo;<br>
}<br>

Then the following code will not be allowed to execute:

CreditCard cc = Wallet.getCreditCard( );<br>
CreditCardSnoop snoop = (CreditCardSnoop) cc;<br>
System.out.println("Ha! Your account number is " + snoop.acctNo);<br><br>

Java does not allow arbitrary casting between objects; an object can only be cast to one of its superclasses or its subclasses.<br>

To satisfy the compiler, the code can be changed as follows:<br>
Object cc = Wallet.getCreditCard( );<br>
CreditCardSnoop snoop = (CreditCardSnoop) cc;<br>

In this case, the virtual machine will throw a ClassCastException when the snoop variable is assigned, thwarting the attack.
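
The run-time cast check and the default initialization of instance variables described above can be observed with the following added example, which is not code from the original page. The body of Wallet, the failedAttempts field and the CastCheckDemo class name are assumptions made for illustration.

```java
// Added example: Wallet's body, failedAttempts and CastCheckDemo are hypothetical.
public class CastCheckDemo {
    static class CreditCard {
        private String acctNo;       // never assigned: the VM initializes it to null
        private int failedAttempts;  // hypothetical field: the VM initializes it to 0

        String describe() {
            return "acctNo=" + acctNo + ", failedAttempts=" + failedAttempts;
        }
    }

    // Same field name as CreditCard, but an unrelated class.
    static class CreditCardSnoop {
        public String acctNo;
    }

    static class Wallet {
        static CreditCard getCreditCard() { return new CreditCard(); }
    }

    // Returns true when the virtual machine rejects the cast.
    static boolean castIsRejected(Object cc) {
        try {
            // Compiles because the static type is Object; the VM still checks
            // the object's real class before the assignment completes.
            CreditCardSnoop snoop = (CreditCardSnoop) cc;
            System.out.println("cast accepted, acctNo=" + snoop.acctNo);
            return false;
        } catch (ClassCastException e) {
            System.out.println("cast rejected: " + e.getMessage());
            return true;
        }
    }

    public static void main(String[] args) {
        // A CreditCard hidden behind an Object reference is still a CreditCard.
        System.out.println(castIsRejected(Wallet.getCreditCard()));
        // A genuine CreditCardSnoop passes the same check.
        System.out.println(castIsRejected(new CreditCardSnoop()));
        // Instance variables hold default values, never leftover memory contents.
        System.out.println(Wallet.getCreditCard().describe());
        // By contrast, reading a local before assignment does not compile:
        //   int x; System.out.println(x);
    }
}
```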